Containers and virtual machines are both central to modern cloud infrastructure but have fundamentally different security boundaries by design. Virtual machines (VMs) provide better isolation, but can be more cumbersome and less portable. Containers have become the common choice for workloads due to their flexibility and lightweight footprint, but their security properties are often misunderstood or oversimplified. MicroVMs challenge this tradeoff by providing container-like minimal environments with VM-grade isolation.

In this talk, we’ll start with a security-focused comparison of containers and traditional VMs, and then we’ll dive into microVMs and how their design allows them to reduce overhead while preserving hardware-backed isolation.

Attendees will leave with a better understanding of the tradeoffs between containers and virtual machines and how that knowledge can impact infrastructure design choices.