Overview
Explore container sandboxing techniques for securing high-risk and untrusted workloads in AI-driven environments. Dive into various approaches to container sandboxing, examining their trade-offs and implications. Gain in-depth knowledge of the open-source gVisor sandbox and container runtime implementation. Discover new sandboxed hardware accelerator support in gVisor, understand implementation trade-offs, and learn how gVisor is utilized to mitigate AI/ML security risks. Examine the gVisor team's efforts to reduce performance costs associated with sandboxing. This 30-minute conference talk by Lucas Manning from Google, presented at a CNCF event, offers valuable insights into enhancing AI security through advanced container sandboxing techniques.
Syllabus
Accelerating AI Securely with GVisor - Lucas Manning, Google
Taught by
CNCF [Cloud Native Computing Foundation]