Container Security: Supply Chain, Authorization, and Runtime Protection
Offered By: Docker via YouTube
Course Description
Overview
Explore key areas of container security in this comprehensive conference talk from the Open Source Summit. Dive into securing the supply chain, focusing on code insertion into containers, signing, provenance, and control, with insights from Santiago Torres and Justin Cappos on in-toto and TUF. Learn about policy and authorization for controlling deployments, featuring Tim Hinrichs' discussion on Open Policy Agent. Discover techniques for securing container runtimes, including the runc container escape and the initiation of a container escape bounty, presented by Michael Wardrop from Netflix. Engage in roundtable discussions and bird-of-a-feather sessions following the presentations. Benefit from the expertise of industry leaders including Tim Hinrichs (CTO, Styra), Justin Cormack (Security Engineer, Docker), Michael Wardrop (Senior Security Software Engineer, Netflix), Justin Cappos (Professor, NYU), and Santiago Torres-Arias (PhD Candidate, New York University) in this 75-minute session on cutting-edge container security practices.
Syllabus
Open Source Summit: Security
Taught by
Docker
Related Courses
Securing Your Infrastructure as Code PipelineLinux Foundation via YouTube Toto-Ally TUF: Simple Tools for a Secure Software Supply Chain
Linux Foundation via YouTube Software Supply Chain Security Case Study at Anaconda
Linux Foundation via YouTube In-Toto: Attestations and Software Supply Chain Security
CNCF [Cloud Native Computing Foundation] via YouTube Verifying Software Signatures with TUF and Sigstore
CNCF [Cloud Native Computing Foundation] via YouTube