Container Security Deep Dive

Back to the list of Speakers and Sessions
Containers are the next big thing in virtualization tech. If configured properly they provide immense security. In this workshop I will go over how to secure your container deployment end to end

Things covered:

  1. Quick intro to containers
  2. Generic container pipeline
  3. Securing your container pipeline: Trusted base images, Dockerfile linting, image scanning, Docker daemon config , Docker runtime options, logging in containers, runtime alerting in Docker
  4. How to Scale: pre-deployment feedback instead of post deployment vuln tickets, deploying scanners to not hold up Jenkins builds, real time notifications to developer, and webhooks with slack notifications
Participants should bring:

Laptop with admin privileges and docker installed

Participants must know or have:

basic linux knowledge, familiarity with Docker