Explore practical steps for defending applications against security threats in this 39-minute Docker conference talk. Learn how to effectively protect container deployments from common attacks through live demonstrations, best practices, configuration techniques, and tools. Gain insights into mitigating risks related to authentication, injection, updates, sensitive data, and configuration. Understand the most critical security risks in applications and how to address them, drawing inspiration from the OWASP Top 10 and high-profile exploits. Discover the role of containers in enhancing security and prepare for future threats like Meltdown and Spectre. Cover topics such as code quality, GDPR compliance, security testing, PCI compliance, MicroScanner, security policies, host configuration, least privilege principles, and runtime protection.
Overview
Syllabus
Intro
Bad headlines
Docker! Docker! Docker!
Pipeline
Code quality
GDPR compliance
Security testing
PCI compliance
MicroScanner
Security policies
Host configuration
Least privilege
Runtime protection
Principles
Taught by
Docker