Export to
Monday, December 17, 2018 at 8:57am.
OWASP Portland Chapter Meeting - Docker Security
Access Notes
Check in at the security desk to get access to the 27th floor. This usually isn't required for official events and meetups.
Come up to 27th floor! Pizza and drinks will be provided.
Website
Description
Docker has become a very popular tool for deploying server applications. It aims to solve many problems with dependency management and drift between development and production environments, and make it easy for developers to deploy their software quickly.
This talk is about how to use all of this wonderful convenience for evil. It will cover Docker containers and how they work (and how to infect them with malware), some services commonly used in Docker infrastructure and how to find and exploit them, and some Docker-specific post-exploitation strategies. It will also cover best practices for mitigating and detecting attacks on your Docker infrastructure and how to create a healthy security culture among your Docker engineers.
Josh is a Linux security practitioner and developer based in Portland, Oregon. He works as a security engineer at New Relic, where he builds security visibility tools, breaks SaaS software, and helps developers build secure infrastructure.