Conference:March 6-8, 2017
Workshops:March 9-10, 2017
Workshop: Docker Security Workshop
Location:
- Westminster, 4th flr.
When:
- Thursday
Key takeaways
Understand the different ways in which a container can be compromised
Understand the various methods that can be employed to protect containers
Prerequisites
A WiFi-enabled laptop with access to SSH (You'll be provided with a login to a cloud VM and need to be able to SSH into this machine. It's not possible to follow along on a local instance due to the need to download large images.)
This course will explain how to secure a modern, microservice-based system. Attendees will start by running and hacking into a vulnerable system, before switching roles and using various Docker tools and features to protect the system. While the tutorial focuses on Docker, the patterns and information can help secure any production container system.
Topics covered will include:
- Creating and running a simple container-based service
- Switching roles to attack and compromise the service
- Looking at how to respond to an attack
- Investigating various ways to improve the security of the system, including scanning images for vulnerabilities and limiting the privileges of running containers
Other Workshops:
Tracks
-
Architecting for Failure
Building fault tolerate systems that are truly resilient
-
Architectures You've Always Wondered about
QCon classic track. You know the names. Hear their lessons and challenges.
-
Modern Distributed Architectures
Migrating, deploying, and realizing modern cloud architecture.
-
Fast & Furious: Ad Serving, Finance, & Performance
Learn some of the tips and technicals of high speed, low latency systems in Ad Serving and Finance
-
Java - Performance, Patterns and Predictions
Skills embracing the evolution of Java (multi-core, cloud, modularity) and reenforcing core platform fundamentals (performance, concurrency, ubiquity).
-
Performance Mythbusting
Performance myths that need busting and the tools & techniques to get there
-
Dark Code: The Legacy/Tech Debt Dilemma
How do you evolve your code and modernize your architecture when you're stuck with part legacy code and technical debt? Lessons from the trenches.
-
Modern Learning Systems
Real world use of the latest machine learning technologies in production environments
-
Practical Cryptography & Blockchains: Beyond the Hype
Looking past the hype of blockchain technologies, alternate title: Weaselfree Cryptography & Blockchain
-
Applied JavaScript - Atomic Applications and APIs
Angular, React, Electron, Node: The hottest trends and techniques in the JavaScript space
-
Containers - State Of The Art
What is the state of the art, what's next, & other interesting questions on containers.
-
Observability Done Right: Automating Insight & Software Telemetry
Tools, practices, and methods to know what your system is doing
-
Data Engineering : Where the Rubber meets the Road in Data Science
Science does not imply engineering. Engineering tools and techniques for Data Scientists
-
Modern CS in the Real World
Applied, practical, & real-world dive into industry adoption of modern CS ideas
-
Workhorse Languages, Not Called Java
Workhorse languages not called Java.
-
Security: Lessons Learned From Being Pwned
How Attackers Think. Penetration testing techniques, exploits, toolsets, and skills of software hackers
-
Engineering Culture @{{cool_company}}
Culture, Organization Structure, Modern Agile War Stories
-
Softskills: Essential Skills for Developers
Skills for the developer in the workplace
