Containers are the next big thing in virtualization
tech. If configured properly they provide immense security. In this workshop
I will go over how to secure your container deployment end to end
Things covered:
- Quick intro to containers
- Generic container pipeline
- Securing your container pipeline: Trusted base images, Dockerfile linting, image scanning, Docker daemon config , Docker runtime options, logging in containers, runtime alerting in Docker
- How to Scale: pre-deployment feedback instead of post deployment vuln tickets, deploying scanners to not hold up Jenkins builds, real time notifications to developer, and webhooks with slack notifications
Participants should bring:
Laptop with admin privileges and docker installed
Participants must know or have:
basic linux knowledge, familiarity with Docker