Explore insights into container security in this 50-minute conference talk from GOTO Berlin 2015. Delve into the popular container virtualization technology and its security implications as it moves from developer desks to production environments. Examine Docker's security features, isolation mechanisms, and potential vulnerabilities. Learn about Linux capabilities, namespaces, and C Groups in the context of container security. Understand complex attack surfaces, architectural issues, and best practices for defense in depth. Gain valuable knowledge on network security, building trusted images, and avoiding common pitfalls when implementing container solutions. Benefit from the expertise of Nils Magnus, a system architect and journalist, as he addresses concerns and provides practical insights for securing containerized environments.
Overview
Syllabus
Introduction
About Nils Magnus
Why Container Security
History Quiz
Container Security
Isolation Features
Threat Types
Complex Attack Surface
Linux Capabilities
Issues with Capabilities
Attack Surfaces
Namespaces
C Groups
Architecture Issues
Application Architecture
Defense in Depth
Network Security
untrusted sources
build your own images
turning off security features
summary
questions
Taught by
GOTO Conferences
