Explore container security vulnerabilities and attack surface reduction techniques in this 50-minute Black Hat conference talk. Analyze findings from a study of the top 100 official Docker images on DockerHub, revealing thousands of vulnerabilities and misconfigurations. Discover how these security issues often stem from unnecessary dependencies, binaries, and improper file/user/network permissions rather than the core application. Learn strategies for reducing container attack surfaces that go beyond traditional namespace isolation. Gain insights from security experts Azzedine Benameur, Jay Chien-An Chen, Lei Ding, and Michalis Polychronakis on improving container security practices.
Container Attack Surface Reduction Beyond Name Space Isolation
Overview
Syllabus
Container Attack Surface Reduction Beyond Name Space Isolation
Taught by
Black Hat
Related Courses
-
Insights in Container Security
-
Attack Surface Reduction Strategies for Enhanced Security
-
ProxyLogon is Just the Tip of the Iceberg - A New Attack Surface on Microsoft Exchange Server
-
IRQDebloat - Reducing Driver Attack Surface in Embedded Devices
-
Living in a Secure Container Down by the River
-
Watching the Watchers - The Hidden Risks of Container Scanning Tools
