This is a one-day hands-on workshop that covers how to secure a modern, microservice based system. The course begins with participants running and hacking into a example web application. They then switch roles and use various Docker features to protect the system from attack. From there we explore various techniques and features in more detail, including scanning images for vulnerabilities, reducing the privileges associated with containers and securely handling sensitive information in containers.
The course is technical in nature, but the majority of the advice is high-level and applicable to any microservice or container-based system such as Kubernetes or Mesos clusters.
Who should attend?
This workshop is for both developers and operations staff that are using containers in their day-to-day work, or intend to move to a container-based system.
What can I expect from the workshop?
After this workshop you will have an overview of the main security threats faced by modern web applications as well as the tools and features of containers that can be used to limit and prevent these threats.
The course ends with a recap that highlights the most important risks to tackle first and advice on where to go from there.
Upon completion participants will:
- Appreciate the importance of security
- Be aware of the major areas where security issues are likely to appear in a container-based system
- Be aware of the tools and features available to secure a container-based system
- Understand the relevant importance of the various threats and counter-measures
Upon completion participants will be able to:
- Run Docker containers as an unprivileged user
- Run Docker containers with a read-only file system
- Describe the principle of least privilege
- Describe the importance of “defence in depth”
- Describe multiple methods for reducing the level of privilege associated with a container
- Run a security scan on a container image
- Describe several methods for passing sensitive information into containers and their relative merits and drawbacks
- Why security is important
- How to respond to a security incident
- Scanning images for vulnerabilities
- Limiting the privileges of running containers
- Managing secrets (such as database passwords and API keys)
- Basic knowledge of Docker (some familiarity with the docker build and docker run commands)
- Basic knowledge of Unix (able to change directories and edit files)
- WiFi-enabled laptop
- SSH client (participants will need to connect to training VMs via SSH)
Format and Duration
- Format: Classroom based, hands-on facilitated workshop
- Duration: 1 day
- Optimal capacity: 10-12 participants