“Running a Tight Ship”? – A Security Model for Docker Environments
16:10 - 17:00
With the continuing success of the Docker engine, containers are increasingly moving from build chains into production environments. So it's high time to assess the current state of security of one’s container environment. Luckily, the Docker eco system is beginning to provide more and more tools to deploy security measures – some of the them being already active per default. At the same time, several pitfalls exist that could lead to a vulnerable environment.
The talk aims to present a security model covering multiple layers from building images, to the Docker host, and daemon, and up to containers at runtime while focusing on the knobs and levers for building a secure system.
Dustin Huptas works at Germany-based Cassini Consulting, where he builds and optimizes system and network architectures, feeling home at the operations and shell level, from OSI layer 2 upwards and in DevOps-minded environments. He’s especially interested in systems and network security and the ever-changing infrastructure models.