I had the pleasure to give a presentation at the Security Interest Group Switzerland Technology Conference about modern application stacks and how they can be used to improve infrastructure and application security posture – the slides can be found here. Besides seeing a lot of old friends, I particularly enjoyed a round table discussion on security integration into CI/CD pipelines. There was a relevant exchange on approaches that actually work and were tested in environments beyond just recommending some container scanner (product). One participant had an interesting case study on how they enabled developers to maintain WAF policies in configuration files in their code repository including automated deployment to the WAF. He also emphasized that the environments with actual security benefits resulted from a close cooperation between development and security team (were domain knowledge was combined 😉 ).
In various scenarios it might be helpful or even required to have a statically compiled version of Nmap available. This applies to e.g. scenarios where only limited user privileges are available and installing anything to the system might not be desirable.
In this article, we describe the impact of the increased use of Docker in corporate environments on forensic investigations and incident analysis. Even though Docker is being used more and more (Portworx, Inc., 2017), the implications of the changed runtime environment for forensic processes and tools have barely been considered. We describe the technological basics of Docker and, based on them, outline the differences that occur with respect to digital evidence and previously used methods for evidence acquisition. Specifically, we look at digital evidence within a Docker container which are lost or need to be acquired in different ways compared to a classical virtual machine, and what new traces and opportunities arise from Docker itself.
The conference was very well organized and attendee focused, which could be seen by the many little details found on the conference. For example you never ran out of coffee or beverages, there was a new Hallway Track where you could meet people from all disciplines, discuss about your favorite topics and there was always a place to sit and take a break between all those interesting presentations. I had the chance to speak to very nice people from different industries, most importantly in my case on the topic security. It was nice to see how the Docker community is growing and the adoption rate is increasing, especially in companies. The main focus of the conference (especially seen in talks held by people from Docker Inc.) was the Docker Enterprise Edition.
Inspiriert durch die erfolgreichen Round Table Session der TROOPERS freuen wir uns Ihnen heute mit dem AgileSecurity Insight Summit 2017 eine weitere Veranstaltung in einer Reihe zu Trend-Themen im Bereich der IT-Sicherheit vorzustellen.
Die Veranstaltung beginnt am Morgen mit einer Keynote, gefolgt von Fallstudien und Vorträgen durch interne und externe Referenten aus der Industrie. Im Anschluss werden alle Teilnehmer in zwei Gruppen aufgeteilt, die nacheinander an beiden Round-Table Sessions teilnehmen. In den Round-Table Sessions werden unter Expertenmoderation typische Problemstellungen und Lösungsansätze diskutiert. Continue reading “DevOps, Continuous Deployment & Agile Security September 7, 2017”
The following post is in German as it is covering a Training with German as the main language.
Professionelles Training im Workshop Character:
Docker, Microservices, Kubernetes, DevOps, Continuous
Integration/Deployment/Delivery (CI/CD), Container – moderne
Entwicklungsprozesse kommen nicht mehr ohne diese Begriffe aus. In diesem Kurs
lernen Sie die Security Grundlagen um diese Dinge zu beherschen.
Docker Security & (Sec) DevOps Training:
Im Training werden unter Anderem die folgenden Fragestellungen behandelt:
Wie stark/zuverlässig sind die Isolationsmechanismen hinter Docker/Linux/Betriebssystem-Containern?
Wie beeinflussen Container typische Applikations- und Netzwerk-Landschaften?
Wie beeinflussen die CI/CD/Microservice Paradigmen traditionelle Entwicklungsprozesse?
Wie sieht eine typische CI/CD Pipeline aus?
Was sind potentielle Schnittstellen zwischen „Security“ und diesen Paradigmen?
Welche zusätzlichen Security-Herausforderungen ergeben sich aus der veränderten Entwicklungslandschaft und neuen Tool-Chains?
this week I gave a presentation together with Florian Barth from Stocard on Docker, DevOps/Microservices, and Security — a topic and collaboration that I will definitely cover in even more detail in the future!