Advanced Docker & Kubernetes Defense

Containers have changed how software is built and shipped. They bring production-like environments to a developer's machine without compatibility worries: with a few commands anyone can have containers running locally. Used locally, containers seem neither complex nor hard to secure, and developers can package applications that behave exactly as tested. Enterprises can then split those applications into scalable microservices.

This changes once the ecosystem grows and thousands of containers with different roles and flavours are orchestrated to maintain availability. These large environments bring great benefits, but their complexity greatly enlarges the attack surface: a single misconfiguration among the many customization options they offer can be enough to compromise the whole platform. So what can be done to protect these containerized environments?

This training explains how to implement advanced security features to harden the Docker daemon and its core components, container execution, and Swarm- and Kubernetes-orchestrated environments.

Topics:

  • Securing the Docker Daemon and its Core Components
    • Rootless mode
    • Docker Socket protection
    • API Authentication and Authorization
  • Securing Docker Containers
    • Kernel Namespaces
    • Kernel Capabilities
    • System Call Restriction
    • Mandatory Access Control
    • UID & GID Management
    • Control Groups
  • Securing Docker Images
    • Distroless
    • Multistage builds
    • Best practices
    • Vulnerability scanners
  • Securing Swarm Environments
    • Network Traffic Encryption
    • Network Isolation
    • Swarm Secrets
    • Raft Log Encryption Key Protection (Autolock)
    • UCP (Universal Control Plane) Security
    • DTR (Docker Trusted Registry) Security
  • Securing Kubernetes Environments
    • API Authentication
    • API Authorization
    • Security Context
    • Security Policies
    • Network Policies

Duration: 1 day