»Container Security Deep Dive«
2019-05-16, 10:30–12:30, Workshop 1

Containers are the next big thing in virtualization tech. If configured properly they provide immense security. In this workshop I will go over how to secure your container deployment end to end

Things covered:

  1. Quick intro to
 containers
  2. Generic container pipeline 

  3. Securing your container pipeline
: Trusted base images
, Dockerfile linting
, image scanning
, Docker daemon config
, Docker runtime options, logging in containers
, runtime alerting in Docker

  4. How to Scale
: pre-deployment feedback instead of post deployment vuln tickets
, deploying scanners to not hold up Jenkins builds
, real time notifications to developer, and webhooks with slack notifications