This one-day workshop provides a grounding in how to ensure that your modern, microservice-based system is secure. You will be invited to run and hack into an example web application. We’ll then delve comprehensively into the various Docker features that will enable you to protect your real system from attack. Next you will be taken on a deeper dive into the features of Docker and techniques for setting up and running Docker, including scanning images for vulnerabilities, reducing the privileges associated with containers and securely handling sensitive information in containers.
The course is technical in nature, but the majority of the advice is high-level and applicable to any microservice or container-based system.
This workshop is for both developers and operations staff that are using containers in their day-to-day work, or intend to move to a container-based system.
After this workshop you will have an overview of the main security threats faced by modern web applications as well as the tools and features of containers that can be used to limit and prevent these threats.
The course ends with a recap that highlights the most important risks to tackle first and advice on where to go from there.