IT-Consulting

Timo Pagel | Web- and Cloud Security Training Expert

Container Security​

Description

Containers have become the de facto standard for building and deploying (web) applications. However, security is often neglected, which can lead to high costs. The Container Security Training shows measures to prevent vulnerabilities and raises awareness.

Train efficiently

Content

    • Introduction to DevOps and IT security
    • Refresher on the concepts of containers
    • Hands-on analysis of threats when using containers
    • Familiarization with and implementation of measures to increase the security of clusters, images and containers

Detailed Outline:

1. Introduction to Container Security

  • Purpose and objectives of the Container Security Training
  • Importance of container security in modern application development
  • Overview of the target audience and the focus of the training
  • Introduction to DevOps principles
  • The integration of security into DevOps practices
  • Security considerations in the DevOps lifecycle

2. Container Fundamentals

Understanding containerization technology

  • Key concepts of containers:
  • Network isolation in containers and clusters
  • User namespaces
  • Docker vs. Podman
  • Image analysis with Dive

3. Threat Analysis

  • Hands-on analysis of threats when using containers
  • Identifying common vulnerabilities and attack vectors
  • Analyzing container security risks
  • Exploring resources limiting techniques

4. Security Measures

  • Implementing security measures to enhance cluster, image, and container security
  • Techniques for securing container sources and Dockerfiles
  • Detection of known vulnerabilities
  • Addressing insecure image sources

The training environment:

Target audience

All software developers and DevOps engineers with fundamentals of software development and IT systems.

Methodology

Learning by doing is one of the most important paradigms. More about the training methodology here.

Preparation

Participants each use a prepared training instance in the cloud. This means that there is no setup effort during the training! An SSH client such as Putty is required.
Prior knowledge of container technologies such as Docker is recommended, e.g. completion of the play-with-docker beginner training https://training.play-with-docker.com/beginner-linux/.

Containers are using existing Linux mechanisms, basic Linux knowledge is needed. Completion of https://ryanstutorials.net/linuxtutorial/ is recommended.

Trainer

Timo Pagel incorporates his knowledge from over 20 years in operations and development into his trainings. As a DevSecOps consultant, he not only advises at the strategic level but also lends a hand.

Arrange a free initial consultation

Contact

Contact