Overview
Explore Docker container security in this 46-minute conference talk from Louisville InfoSec 2016. Delve into the fundamentals of Docker, its flexibility, and system architecture. Examine the security benefits of containers, including user namespaces, while addressing potential vulnerabilities and concerns. Learn about balancing security with DevOps practices through a four-phase approach: defining standards, implementing automated scanners, establishing continuous controls, and utilizing tools like CyberE. Gain valuable insights on securing Docker containers and enhancing your organization's overall security posture.
Syllabus
Intro
Who am I
What is Docker
Flexibility
Systemd v Docker
Container can span multiple hosts
Containers contain dependencies
Security benefits
User name spaces
Security concerns
High priority vulnerabilities
What do we do with this
Security vs DevOps
For Phase Approach
Defining Standards
Automated Scanners
Continuous Controls
Tools
CyberE
Other Cool Stop
Contact Information
QA