A lot has been said about unikernel security but what gives it that security?
Linux and Windows are both multiple process systems that were designed decades ago and could not envision the cloud environment we live and work in today. Unikernels are single process systems. By design they can *not* run code that was not intended to run - flat out - do not pass go - do not collect $200. Shell code exploits by definition do not work on unikernels. We've just eliminated the vast majority of your security problems. You're welcome.
When your website boots up you not only have remote code execution in place but you have tens of potential users that can login to execute said code (and they are always "bad users"). Unikernels have *no* users and no remote code execution - it's designed that way. No more Equifax incidents - not on your watch.
The shell is at least a 40 year old construct designed in a different time period. Today in Silicon Valley engineers are used to working with tens, hundreds, thousands or even more systems at a time. It's an antiqutated concept that only lends it's hands towards those who want to do your company harm. There are no shells on unikernel systems - they simply don't exist. They can not exist. This is by design.
Compared to a bloated Linux system that has hundrds of millions of lines of code with drivers for everything from USB drives (which you won't use on the cloud) to audio drivers (which you won't use on the cloud) to libraries such as libxslt that have ftp servers embedded in them unikernels are refreshingly small. Sometimes as small as 10Mb or maybe even kilobytes. Smaller than some of the images on this webpage.
Less code == Less exploits. Get on the unikernel train.
Introducing the future cloud.
Contact us at 888-PANIC-83 or email us at firstname.lastname@example.org.
Sign up to get alerted about new developments.