You are writing a cloud application that executes custom code on behalf of your users. You need to protect one user's data from another's, and you must ensure fair access to computing resources among your users, without imposing undue constraints on their code. In other words, you must build a sandbox for executing custom code. In this talk I will demonstrate a design for such a sandbox that we have created at Auth0. You will learn how we are using modern container technologies based on CoreOS and Docker to enable customers to run custom Node.js and C# code (via Edge.js) in a way that is safe, fair, and fast.