Docker Security

The main goal of Docker Security training is:

• Present the participants' basic differences between virtualization and the Docker
  ecosystem.
• Show differences between Docker ecosystem and other containerization
  technologies
• Show participants networking aspects of the Docker ecosystem.
• Give the participants the knowledge accordingly to the best practices related to
  containers building. Introduce stateless, stateful, secret, registry definitions.
• Present isolation layers.
• Introduce orchestration with Kubernetes.
• Implement logging system accordingly to its importance from the security perspective.

This training is highly technical, fully practical, based on real attack and defense scenarios.

The main goal of this training is to give you confidence, you do things right and properly
accordingly to Docker security.

Agenda

• High-overview on Docker ecosystem:
  • 0x000000 --> Trainer introduction
  • 0x000001 --> Containerization overview
  • 0x000002 --> High-level overview on Docker
  • 0x000003 --> Isolation
  • 0x000004 --> Networking
  • 0x000005 --> Stateful containers
  • 0x000006 --> Secrets Management
• Running multiple-containers at once using docker-compose. Deep dive into
  Linux-host and image security topics.
  • 0x00000A --> Running multiple containers
  • 0x00000B --> Linux-host security aspects
  • 0x00000C --> Image security aspects
• The third day continues security topics starting from runtime. It introduces
  Kubernetes ecosystem and shows it security importance.
  • 0x000010 --> Runtime security aspects
  • 0x000011 --> Logging
  • 0x000012 --> Kubernetes & Security
  • 0xFFFFFF --> AMA Session
• Summary

Time Duration

2 days (9:00am - 5:00pm)

Who should attend

• Linux Administrators & Cloud Engineers
• DevOps and DevSecOps team members
• System / Network Security Engineers
• Red and Blue team members

TRAINER: KAMIL ZABIELSKI

Kamil Zabielski is