Docker is becoming an increasingly deployed and adopted platform for creating, deploying and hosting web applications, databases and other business critical solutions. Given the increased adoption rate of Docker in companies and organizations, it comes as no surprise that the role of security in Docker is increasing and is in high demand.
The process of securing Docker is multi-faceted and requires a procedural approach given the various elements involved, from the Docker daemon to the containers themselves.
The ability to audit, secure and manage Docker is becoming increasingly important and increasing in demand as a desired skill set for Developers and DevOps engineers.
This increasing importance has led to an entirely new job role being created to account for this particular set of responsibilities and skill set. It has been coined DevSecOps.
This presentation aims to provide developers, system administrators and DevOps engineers the necessary skills to be able to audit, secure and manage Docker in the context of an organization or in their own personal projects.
The Training will consist of 6 phases:
1. Docker security best practices.
2. Controlling container resource consumption with Control Groups.
3. Implementing access control for containers with AppArmor.
4. Limiting container system calls with Seccomp.
5. Vulnerability scanning for Docker containers.
6. Building secure Docker images.