VMs vs. containers Which is better for security

By now, security professionals are familiar with virtualization given the significant adoption both in the data center, as well as in the cloud -- the use of virtualization is almost ubiquitous at many organizations. Practitioners more commonly encounter application containerization technologies in their organizations, which include Docker, rkt and the associated orchestration technologies like Kubernetes that surround them and help scale usage. Practitioners are mandated to make technology risk decisions, and many of those decisions involve one or both of virtualization and containerization technologies. When comparing VMs vs. containers, it is natural to ask, which is more secure? These tools are not equivalent, therefore a direct security comparison isn't an apples-to-apples comparison. In the case of VMs vs. containers for security, each requires a different tool set, an understanding of vastly different security models, and familiarity with an entirely different orchestration ecosystem. It also depends on the particular use case.