The technology of encryption and containers can provide an unmatched level of security for sensitive data in use in production environments. Intel SGX keeps a container encrypted even during runtime. Such a container instance is protected from host OS, root users and network intruders! For example, an NGINX container can retrieve a certificate using ACME while shielded from the host.
Learning Objectives: 1: Learn to protect sensitive containers from host and other processes. 2: Learn how encryption advancement protects containers if infrastructure is compromised. 3: See how Intel SGX applies to containers.