Our Docker App Got Hacked - Now What
Offered By: YouTube
Course Description
Overview
Explore the aftermath of a Docker app hack in this BSidesRDU 2018 conference talk. Dive into the anatomy of Docker containers, learn live and cold capture techniques, and understand image listing and metadata analysis. Examine container metadata, disk content, and anticipated layers. Investigate storage backends like Overlay2 and DeviceMapper, discovering how to find container storage and access individual layers. Follow along with practical examples, including mounting layers and conducting further analysis. Gain valuable insights into post-hack forensics and containment strategies for Docker environments.
Syllabus
Intro
GOALS
ANATOMY
LIVE CAPTURE
COLD CAPTURE
IMAGE LISTING
IMAGE METADATA
CONTAINER METADATA
WHAT ABOUT DISK CONTENT?
ANTICIPATED LAYERS
STORAGE BACKEND: OVERLAY2
FINDING CONTAINER STORAGE
CONTAINER R/W LAYER
TOP IMAGE LAYER
RAW OVERLAYFS
WHAT ABOUT THE DURIAN?
EASY BUTTON!
STORAGE BACKEND: DEVICEMAPPER
THIN POOL DEVICES
ACCESSING A LAYER
MOUNTING THE LAYER
FURTHER ANALYSIS
SUMMARY
EXAMPLE CONTAINER
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube