Securing Containers in the Real World... request inputs in this discussion.

I'm at the Red Hat Summit, and one of the sessions I attended had to do with securing

=======================================================
============ Description from the Summit Description of this event below...
Secure your enterprise software supply chain with containers

Curtis Yanko - Sr Principal Architect, Sonatype
Randy Kilmon - VP of Engineering, Black Duck Software
Zohaib Khan - Practice Lead, Manager PaaS Community of Practice, Red Hat
Scott McCarty - Senior Principal Product Marketing Manager, Red Hat

Container images will soon underpin all of our mission critical applications. Therefore, we must ensure that we are using the highest quality container images at every stage of the development cycle on through to production. In this session, our team of experts from Red Hat, Black Duck and Sonatype will present a foundational understanding of managing container-based software supply chains and how to make them more secure. For example, attendees will learn how to ensure that what gets packaged, delivered, and deployed is of the highest quality -- including using secure configurations and avoiding use of known vulnerabilities in open source components. We will also discuss best practices for accelerating the remediation of security defects in containers that have already been deployed. Attend this session and learn how to:

Build and secure enterprise software supply chains with containers.
Benefit from use of Red Hat and other open source technologies, including: public registry of trusted sources for container images (e.g., one hosted by Red Hat) and private registries that host certified container images (e.g., Red Hat Satellite, Nexus Repository).
How to scale and secure thousands of containers using OpenShift Enterprise by Red Hat or Red Hat Enterprise Linux Atomic Host.
Provide the ability to automatically patch and redeploy containers at runtime.

This session is designed to help architects, developers and ops professionals to securely deliver containers for serious production workloads while dealing with the operational challenges of patching and deploying them at scale in an automated manner.

================

I propose a discussion on how anyone secures containers, what process they use to make sure their containers are secure, and what has worked for them. They also brought up dealing with CVEs for containers. Any relevant security discussion regarding containers is welcome in this discussion.

Thanks,
R. Hinton

Responses