You are viewing content from a past/completed QCon

Workshop: Container and Microservice Security

Location: Henry Moore, 4th flr.

Duration: 9:00am - 4:00pm

Day of week: Friday

Level: Beginner

Key Takeaways

  • Awareness of the major areas where security issues are likely to appear in a container-based system

  • Understanding of the tools and features available to secure a container-based system

  • Ability to apply this understanding to their own system, focusing on most important areas first

Prerequisites

Attendees should have basic knowledge of Docker and Unix (able to run `docker build` and `docker run` commands and edit files on a Unix system).

Wifi enabled laptop with SSH client.

This is a hands-on workshop that covers how to secure a modern, microservice based system. We will start with running and hacking into a example web application. We will then switch roles and see how various container features can be used to protect the system from attack.  From there we explore various techniques and features in more detail, including scanning images for vulnerabilities, reducing the privileges associated with containers and securely handling sensitive information in containers.   

The course is technical in nature, but the majority of the advice is high-level and applicable to any microservice or container-based system such as Kubernetes or Mesos clusters.

The following topics will be covered:

  • Why security is important
  • How to respond to a security incident
  • Scanning images for vulnerabilities
  • Limiting the privileges of running containers
  • Managing secrets (such as database passwords and API keys)

Speaker: Adrian Mouat

Chief Scientist @containersoluti (Container Solutions)

Adrian Mouat is the Chief Scientist at Container Solutions, a European services company specialising in container technologies. He is currently researching container orchestration platforms and image management. Adrian is a member of the Docker Captains program.

Find Adrian Mouat at

Other Workshops:

Day: Friday [Full Day]
Day: Thursday [Full Day]

Tracks

  • Architectures You've Always Wondered About

    Hard-earned lessons from the names you know on scalability, reliability, security, and performance.

  • Machine Learning: The Latest Innovations

    AI and machine learning is more approachable than ever. Discover how ML, deep learning, and other modern approaches are being used in practice.

  • Kubernetes and Cloud Architectures

    Learn about cloud native architectural approaches from the leading industry experts who have operated Kubernetes and FaaS at scale, and explore the associated modern DevOps practices.

  • Evolving Java

    JVM futures, JIT directions and improvements to the runtimes stack is the theme of this year’s JVM track.

  • Next Generation Microservices: Building Distributed Systems the Right Way

    Microservice-based applications are everywhere, but well-built distributed systems are not so common. Early adopters of microservices share their insights on how to design systems the right way.

  • Chaos and Resilience: Architecting for Success

    Making systems resilient involves people and tech. Learn about strategies being used, from cognitive systems engineering to chaos engineering.

  • The Future of the API: REST, gRPC, GraphQL and More

    The humble web-based API is evolving. This track provides the what, how, and why of future APIs.

  • Streaming Data Architectures

    Today's systems move huge volumes of data. Hear how the innovators in this space are designing systems and leveraging modern data stream processing platforms.

  • Modern Compilation Targets

    Learn about the innovation happening in the compilation target space. WebAssembly is only the tip of the iceberg.

  • Leaving the Ivory Tower: Modern CS Research in the Real World

    Thoughts pushing software forward, including consensus, CRDT's, formal methods & probabilistic programming.

  • Bare Knuckle Performance

    Crushing latency and getting the most out of your hardware.

  • Leading Distributed Teams

    Remote and distributed working are increasing in popularity, but many organisations underestimate the leadership challenges. Learn from those who are doing this effectively.

  • Full Cycle Developers: Lead the People, Manage the Process & Systems

    "Full cycle developers" is not just another catch phrase; it's about engineers taking ownership and delivering value, and doing so with the support of their entire organisation. Learn more from the pioneers.

  • JavaScript: Pushing the Client Beyond the Browser

    JavaScript is not just the language of the web. Join this track to learn how the innovators are pushing the boundaries of this classic language and ecosystem.

  • When Things Go Wrong: GDPR, Ethics, & Politics

    Privacy, confidentiality, safety and security: learning from the frontlines, from both good and bad experiences

  • Growing Unicorns in the EU: Building, Leading and Scaling Financial Tech Start Ups

    Learn how EU FinTech innovators have designed, built, and led both their technologies and organisations.

  • Building High Performing Teams

    There are many discussions outlining the secret sauce of high-performing teams. Learn how to balance the essential ingredients of high performing teams such as trust and delegation, as well as recognising the pitfalls and problems that will ruin any recipe.

  • Scaling Security, from Device to Cloud

    Implementing effective security is vitally important, regardless of where you are deploying software applications