Catching fire with Docker, DevOps & Security in Enterprise Environments

Docker has become the go-to technology in enterprise- and DevOps contexts. Yet, before mastering a skill, there is the thumb rule: one must learn the basics to have solid fundament before building a house on top.

Simon and I start from the very beginning. We introduce you to the fundamental concepts of containers starting at process isolation and extending our tour to the whole ecosystem of Docker and further associated technologies. We will cover Docker, microservices, containers, DevOps, continuous integration/deployment/delivery – all those fancy buzzwords that can be read in the context of modern software development methodologies.

Our training answers the questions, how Docker and microservices leave their marks in existing infrastructures and how the microservice paradigm might influence the security stance of modern application architectures. Based on the foundational knowledge about containers, we will dive into the world of Kubernetes with hands-on training setting up our own cluster. Best practices for the container orchestrator, isolating services from each other in overlay networks, and leveraging logging and monitoring capabilities in a cluster environment will be an essential part of this tour. As our main concern is the security of those DevOps technologies, of course we will slip into the role of an attacker, who compromises a pod in the cluster and escalates her privileges to cluster admin – the ultimate attack goal within DevOps environments. While attacking is only the first (and often easier) step, pitfalls in form of misconfiguration and further attack vectors are discussed. Afterwards, viable countermeasures in form of best practices, hardening guides, and of course security architecture related food for thought will be provided.

After having absolved the training, every attendee has a solid understanding of Docker, Kubernetes as well as the security challenges that those complex technologies bear.

Simon and I are happy to present this special training on this year’s edition of TROOPERS and looking forward to seeing you there!

Check it out on TROOPERS website!

Simon & Jan