Build Better Defenses
October 29–30, 2017: Training
October 30–November 1, 2017: Tutorials & Conference
New York, NY

Applying container and Docker security

Ben Hall (Katacoda | Ocelot Uproar)
9:00am–12:30pm Monday, October 30, 2017
Tools and processes
Location: Sutton South
Average rating: ****.
(4.00, 3 ratings)

Who is this presentation for?

  • Developers, DevOps engineers, and those working in operations

Prerequisite knowledge

  • A basic understanding of Linux and the command line

Materials or downloads needed in advance

  • A laptop with an up-to-date browser installed

What you'll learn

  • Understand the Linux and Docker security model, its limitations, and how to maximize your container’s security

Description

Docker offers a lot of advantages, simplifying both development and production environments, but there is still uncertainty around the security of containers. Drawing on his experience building Katacoda, a platform that provides users with a sandboxed and personalized learning playground—with the side effect that they can execute malicious code and hack the system from inside the container—Ben Hall walks you through implementing Docker and container security. You’ll learn about the Linux and Docker security model, its limitations, and how to maximize your container’s security.

Topics include:

  • Docker security
  • Docker and Linux vulnerabilities
  • Out-of-the-box security with Docker
  • Securing containers with seccomp and AppArmor
  • Securing containers using Linux kernel features
  • Container security tooling
Photo of Ben Hall

Ben Hall

Katacoda | Ocelot Uproar

Ben Hall is the founder of Ocelot Uproar, a company focused on building products loved by users. Ben has worked as a system administrator, tester, and software developer and launched several companies. He still finds the time to publish books and speak at conferences. Ben enjoys looking for the next challenges to solve, usually over an occasional beer. Ben recently launched Katacoda, an online learning environment for developers that helps break down the barriers to learning new technologies such as Docker and containers.