Container Security

Learn safe and secure development


This one-day workshop provides a grounding in how to ensure that your modern, microservice-based system is secure. You will be invited to run and hack into an example web application. We’ll then delve comprehensively into the various Docker features that will enable you to protect your real system from attack. Next you will be taken on a deeper dive into the features of Docker and techniques for setting up and running Docker, including scanning images for vulnerabilities, reducing the privileges associated with containers and securely handling sensitive information in containers.

The course is technical in nature, but the majority of the advice is high-level and applicable to any microservice or container-based system.

Who should attend?

This workshop is for both developers and operations staff that are using containers in their day-to-day work, or intend to move to a container-based system.

What can I expect from the workshop?

After this workshop you will have an overview of the main security threats faced by modern web applications as well as the tools and features of containers that can be used to limit and prevent these threats.

The course ends with a recap that highlights the most important risks to tackle first and advice on where to go from there.

Key takeaways

  • Have a wider understanding of the importance of security
  • Be aware of the major areas where security issues are likely to appear in a container-based system
  • Be aware of the tools and features available to secure a container-based system
  • Understand the relevant importance of the various threats and counter-measures
  • Describe several methods for passing sensitive information into containers and their relative merits and drawbacks
  • Describe multiple methods for reducing the level of privilege associated with a container

Topics covered

  • Why security is important
  • How to respond to a security incident
  • Scanning images for vulnerabilities
  • Limiting the privileges of running containers
  • Managing secrets (such as database passwords and API keys)

Required experience

  • Used Docker to build and deploy a containerised application
  • Worked with containerised applications
  • Basic software development
  • Basic Linux administration

Participant prerequisites

  • WiFi enabled laptop
  • Access to a Terminal and SSH client

Format & Duration

  • Classroom based, hands-on facilitated workshop
  • 1 day
  • Maximum of 12 participants

Register your interest