Our Docker App Got Hacked - Now What
Offered By: YouTube
Course Description
Overview
Explore the aftermath of a Docker app hack in this BSidesRDU 2018 conference talk. Dive into the anatomy of Docker containers, learn live and cold capture techniques, and understand image listing and metadata analysis. Examine container metadata, disk content, and anticipated layers. Investigate storage backends like Overlay2 and DeviceMapper, discovering how to find container storage and access individual layers. Follow along with practical examples, including mounting layers and conducting further analysis. Gain valuable insights into post-hack forensics and containment strategies for Docker environments.
Syllabus
Intro
GOALS
ANATOMY
LIVE CAPTURE
COLD CAPTURE
IMAGE LISTING
IMAGE METADATA
CONTAINER METADATA
WHAT ABOUT DISK CONTENT?
ANTICIPATED LAYERS
STORAGE BACKEND: OVERLAY2
FINDING CONTAINER STORAGE
CONTAINER R/W LAYER
TOP IMAGE LAYER
RAW OVERLAYFS
WHAT ABOUT THE DURIAN?
EASY BUTTON!
STORAGE BACKEND: DEVICEMAPPER
THIN POOL DEVICES
ACCESSING A LAYER
MOUNTING THE LAYER
FURTHER ANALYSIS
SUMMARY
EXAMPLE CONTAINER
Related Courses
Academia de auditoría en la nube: independencia en la nube (Español LATAM) | Cloud Audit Academy - Cloud Agnostic (Spanish from Latin America)Amazon Web Services via AWS Skill Builder AWS Certified DevOps Engineer – Professional
A Cloud Guru AWS Certified DevOps Engineer - Professional 2020
A Cloud Guru CompTIA CySA+ Certification
A Cloud Guru Advanced Network Security
LearnQuest via Coursera