On day one of the Linux
Security Summit North America (LSS-NA), Stéphane Graber and Christian
Brauner gave a presentation on the current state and the future of
container security. They both work for Canonical on the LXD project;
Graber is the project lead and Brauner is the maintainer. They looked at
the different kernel mechanisms that can be used to make containers more
secure and provided some recommendations based on what they have learned
along the way.

Source: LWN.net – [$] Making containers safer