Did you miss the Docker Community All-Hands on December 9, 2021?
Here is a replay of the talk hosted by Eric Smalling (@ericsmalling): Hacking into your containers, and how to stop it!
DevOps and the migration to container-based deployments have increased the velocity and quality of our software pipelines by shifting infrastructure and operational practices “left”, closer to the development teams. While these changes allow for faster feedback and greater opportunity for automation and testing, security concerns are still often left as a late-stage hurdle in our pipelines because the tools and security teams have not been invited to our DevOps party. In this session, we’ll talk about how to implement proactive security practices at the left-most stages of your SDLC pipelines, fostering the DevSecOps mentality and we’ll talk about the new challenges this brings to the scope of work application developers face in today’s containerized application landscape. I will demonstrate a live hack into a container based on a real-world, publicly available open-source container vulnerability and then show you the steps you can take to harden against such attacks in your clusters.
Presentation material is available: https://www.slideshare.net/EricSmalling1/hacking-into-your-containers-and-how-to-stop-it
Join our community on Slack: https://bit.ly/3Em3zsi
You can follow Docker on social networks:
Twitter: https://twitter.com/Docker
LinkedIn: https://www.linkedin.com/company/docker/
Facebook: https://www.facebook.com/docker.run