How I Learned Docker Security the Hard Way (So You Do Not Have To)

Learn how to build container architecture securely, threat-model modern applications deployed on microservices, and protect and manage secrets with a tool like Vault.

It can be a struggle to secure container environments. For Paul Asadoorian, founder and CEO of Security Weekly, migrating a legacy web application to a Docker platform was a true learning experience. In this talk, from the 2019 RSA Conference, he shares his hard-won knowledge about the different container security models, how attackers abuse containers, the many useful tools for protecting secrets (including HashiCorp Vault), and how to secure your software development lifecycle and DevOps processes.

He also provides detailed incident response examples from an actual attack.

More resources like this one

  • 1/6/2021
  • Case Study

Self-service discovery at scale with Consul at Bloomberg

  • 1/5/2021
  • Case Study

How Roblox Developed and Uses the Windows IIS Nomad Driver

  • 12/17/2020
  • Case Study

Consistent development and deployment at Comcast with Terraform

  • 9/2/2020
  • Case Study

Service Mesh in the Real World