»Container Security Deep Dive«
2019-05-16, 10:30–12:30, Workshop 1
Containers are the next big thing in virtualization tech. If configured properly they provide immense security. In this workshop I will go over how to secure your container deployment end to end
Things covered:
- Quick intro to containers
- Generic container pipeline
- Securing your container pipeline : Trusted base images , Dockerfile linting , image scanning , Docker daemon config , Docker runtime options, logging in containers , runtime alerting in Docker
- How to Scale : pre-deployment feedback instead of post deployment vuln tickets , deploying scanners to not hold up Jenkins builds , real time notifications to developer, and webhooks with slack notifications