Overview
Explore Docker security and container auditing in this comprehensive conference talk from BSides Nashville 2016. Delve into the fundamentals of Docker, its history, and how it works. Learn about potential security risks, including root user access and vulnerabilities. Discover effective strategies for container auditing, including automated systems, vulnerability scanning, and establishing security standards. Gain insights into the DevOps involvement in the Docker security process, and understand how to handle broken containers. Benefit from expert knowledge on container chaos and practical approaches to enhance Docker security in your development and deployment workflows.
Syllabus
Introduction
What is Docker
More about Docker
Docker History
What isnt Docker
How does Docker work
Door
Root User
Stats
Nessus
Docker Security
Discover Phase
Set Standards
Automated System
Shipping Code
Vulnerability Scanning
References
Dev Ops Involvement
The Process
Broken Containers
Automation
Hartley Stitt