All these reports from security vendors finding that x attacks surged by >100% read just like "umbrella salesman predicts record monsoon season."

@dangoodin It just feels so much less like fearmongering because it's so much more performative.

@da_667 @Viss
My only point of disagreement is that visibility reduction on bare metal is difficult to do at scale with active operations team; containers do add something in reducing immediately available real estate for exploitation (if configured well), that would otherwise be limitations that will vary app to app on the same device (Assuming you run multiple services on the same device).

Having had to lockdown systems and limit access to binaries, etc, etc, it can be done, but containers do make that easier to some extent (if similarly well configured).

Not that it's a replacement for the former, but it can be a good tool to help in the matter.