Having a conversation about security between developers, security professionals and ops requires a common language, and tools that respect that language.
In this talk I discuss a conversational approach to defense, in depth approaches to application security, going from a high level language about what a program is intended to do, and applying this to tools that restrict behaviours.
Appropriate language depends on the problem domain, so I will look at concrete examples. The first case is the OpenBSD pledge system, introduced last year. This has been the most successful rollout of a capability reduction system, with it applied to the majority of the programs in the base system within a few months. It is however successful because it targets the language of a particular problem domain, and is not necessarily directly applicable elsewhere.
As a second example I will look at the ongoing work we are doing at Docker to apply the pledge model to make a language for describing containerised applications, looking at the differences in the domain languages for a different type of application.