Explore key areas of container security in this comprehensive conference talk from the Open Source Summit. Dive into securing the supply chain, focusing on code insertion into containers, signing, provenance, and control, with insights from Santiago Torres and Justin Cappos on in-toto and TUF. Learn about policy and authorization for controlling deployments, featuring Tim Hinrichs' discussion on Open Policy Agent. Discover techniques for securing container runtimes, including the runc container escape and the initiation of a container escape bounty, presented by Michael Wardrop from Netflix. Engage in roundtable discussions and bird-of-a-feather sessions following the presentations. Benefit from the expertise of industry leaders including Tim Hinrichs (CTO, Styra), Justin Cormack (Security Engineer, Docker), Michael Wardrop (Senior Security Software Engineer, Netflix), Justin Cappos (Professor, NYU), and Santiago Torres-Arias (PhD Candidate, New York University) in this 75-minute session on cutting-edge container security practices.
Container Security: Supply Chain, Authorization, and Runtime Protection
Overview
Syllabus
Open Source Summit: Security
Taught by
Docker
Related Courses
-
GitHub Supply Chain Security Using GitGat
-
Notary: State of Development and Supply Chain Security
-
Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
-
Using Docker Content Trust with Kubernetes Admission Controllers to Secure Runtime
-
Dynamic Authorization and Policy Control for Docker Container Environments
-
Notary - State of the Container Supply Chain
