How I Learned Docker Security the Hard Way (So You Don’t Have To)

Closed captioning will be available in English and Japanese for all keynotes and RSAC track sessions.
Please note: All times are in SGT.
  1. Moscone South

Security professionals today struggle securing container environments. This talk will share experiences learned from migrating a legacy web application to a Docker platform. You will learn the different container security models, how attackers abuse containers, and tips on how to secure your SDLC and DevOps processes. This talk will include detailed incident response examples from an actual attack.

Learning Objectives:
1: Understand how to build container architecture securely.
2: Learn how to threat model modern applications being deployed on microservices.
3: Gain insights into how attackers are abusing containers and prevention.

Basic knowledge of networking and cloud technologies. A high-level understanding of application development and DevOps. Basic understanding of security concepts including DDoS attacks, web application security bugs and hardening Linux systems.