Unikernel Security Analysis CCC Talk

Recently I listened to this talk about unikernels, which also mentioned MirageOS and how it is leaner for deployment in a hypervisor environment:

It is quite interesting to hear the conecpts of, “libOS,” and reducing the attack surface due to only having the least amount of code necessary. The idea of stripping down the OS to the “application” level, so that it can only run one application, or be useful for one specialized purpose, is fascinating.

Here’s another talk on QubesOS firewall using MirageOS Unikernel written in OCaml