Overview
Explore Docker containerization and its impact on offensive security operations in this 39-minute Black Hat conference talk. Gain insights into the vulnerability lifecycle, attacker vs. defender perspectives, and implications for application security testing. Learn how containerization affects exploitation expectations and discover practical applications through a demonstration. Ideal for penetration testers seeking to understand the security implications of multi-container applications.
Syllabus
Introduction
Purpose of this talk
Prior Art
What is Docker
Vulnerability Lifecycle
Attacker vs Defender
Application Development
Containerization
Hello World vs Docker
Redis
Application Security Tester
Control Over Execution
Containerization for Attackers
Application Security Testing
Exploitation Expectations
Implications
Demo
Conclusions
Contact information
Taught by
Black Hat