Presentation
How I Learned Docker Security the Hard Way (So You Do Not Have To)
Learn how to build container architecture securely, threat-model modern applications deployed on microservices, and protect and manage secrets with a tool like Vault.
It can be a struggle to secure container environments. For Paul Asadoorian, founder and CEO of Security Weekly, migrating a legacy web application to a Docker platform was a true learning experience. In this talk, from the 2019 RSA Conference, he shares his hard-won knowledge about the different container security models, how attackers abuse containers, the many useful tools for protecting secrets (including HashiCorp Vault), and how to secure your software development lifecycle and DevOps processes.
He also provides detailed incident response examples from an actual attack.
