ESA-3295 Container Security Workshop | Devoxx

Devoxx UK 2019
from Wednesday 8 May to Friday 10 May 2019.

   Container Security Workshop

Hands-on Lab

Beginner & novice level
Lab Room A Wednesday from 14:00 til 17:00

This 3-hour use-case driven session will cover the most important container security techniques:

Container security best practices Learn what are the security best practices building your containers: privileges, resource limits, Dockerfile options, rebuild process, etc.

Kubernetes platform security features Host security configuration, Kubernetes RBAC, Kubernetes Security Policy, Kubernetes Network Policy and other Admission Controllers, etc.

Image scanning How image static scanning works in Docker, available tools like Quay and Anchore, integrating this in your CI/CD pipeline.

Runtime security and forensics Why runtime security is important? How tools like seccomp, SELinux, AppArmor or Falco compare. Writing Falco rules. Forensics on containers.

Deploying all the open source tools for a real example Bringing together all the tools like docker-bench, kube-bench, Kubernetes features, Anchore, Falco, sysdig and Sysdig Inspect.Using FaaS for reacting to security threats in a containerized world.

workshop   Kubernetes   security  
Subscribe to Devoxx on YouTube
Mateo Burillo
Mateo Burillo
From Sysdig

Integrations engineer and tech writer @sysdig, Mateo greatly enjoys tinkering with container technologies, creating homebrew lab environments, and the perpetual newbie feeling of this fast moving world of tech. He spends most of the day getting in the shoes of the user at many different levels: user interface, task automation, proper documentation and error handling, code examples, and dissecting deep technical concepts for the newcomers. All his former job positions revolve around the confluence of humans and technology, having worked as Evangelist, Project manager and pre-sales engineer.

Make sure to download the Android or iOS mobile schedule.