What She Actually Did

When Frazelle was at Docker, she wasn't presenting at conferences about the future of containers — she was writing the code that made containers not immediately exploitable. She implemented seccomp filtering support, worked on capabilities restrictions, and produced the kind of container security documentation that explained what the kernel was actually doing rather than what vendors wished it was doing. The seccomp profiles she published for common workloads circulated for years as the authoritative baseline for hardening containers that people actually ran.

The blog at blog.jessfraz.com is worth reading not as a time capsule but as a reference. Posts on container internals, Linux namespaces, and syscall filtering have not aged because they were about mechanisms, not narratives. The mechanisms haven't changed.

The container and cloud-native world has always had a large population of people who are very good at talking about shipping things. Conference talks about velocity. Blog posts about delivery culture. Keynotes delivered by someone who hasn't touched production in four years. Frazelle is on the short list where the public record matches the commit history. The site's original entry was an image and a link. That was enough.

Sometimes the tire fires you. Sometimes you write the seccomp profile that stops it.
— Observed from a safe distance