Overview
Explore the world of syscalls in this 40-minute Docker conference talk. Discover how syscalls are used to set up containers and learn to enhance deployment security by limiting container syscalls using seccomp and Linux security modules like AppArmor. Gain insights into the security advantages of containerized microservices over traditional monoliths, with practical demonstrations to illustrate key concepts. Delve into topics such as syscall basics, kernel interactions, seccomp, strace, and microservices architecture. Understand how to leverage these techniques to improve overall system security and convince your security team of the benefits of container adoption.
Syllabus
Intro
What is a Syscall
Syscalls in action
Cisco parameters
The kernel
seccomp
strace
AppArmor
Microservices
Shellshock
Recap
Taught by
Docker