Google’s gVisor exists to provide a true sandbox for your Docker containers. It replaces runc, the default Docker runtime, which recently had a serious vulnerability.

In theory gVisor is a drop-in replacement for runc, but does it actually work with Amazon ECS?

What is gVisor?

gVisor is a user-space kernel for containers…

Aaron Gorka

DevOps Engineer

