“How I Learned How Not To Suck At Docker Security (So You Don’t Have To)”
Information security professionals and software developers often share the same feelings about new technology, skepticism, and sometimes hatred. This is how many of might feel about technologies such as Docker and the entire concept of containers and microservices. However, DevOps teams are integrating this technology into their daily workflow with great success. IT and security teams are using Docker technologies to roll out new solutions and internal tools. Software companies are embracing Docker at an alarming rate. Why is this alarming? Security professionals and developers are not focused on the security of these platforms. This year I took a small software project and applied Docker technology to the development and operations. I laughed, I cried, I learned to hate (briefly) and learned to love. I also found that there are security issues big and small that we all need to be aware of and address as Docker technology is here to stay. So come learn from my mistakes and challenges! You will learn how to implement and secure a Docker deployment, how much more fun could you possibly have in a security talk?
Paul Asadoorian spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. He is the founder of the Security Weekly podcast network, offering several freely available shows on the the topic of information security and hacking. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.
Get promotions and special offers directly to your inbox.