Securing the Container Pipeline at Salesforce - Docker Use Case

Explore a comprehensive presentation on securing Docker container pipelines at Salesforce, focusing on customer trust and security. Learn about the challenges of containerization in high-sensitivity data environments and discover the infrastructure built to address these issues. Dive into topics such as securing the container pipeline, building security into architecture, monitoring, Docker forensics (disk, memory, network), and automation. Gain insights into live memory analysis capabilities used to ensure container and application integrity during execution. Cover various aspects of container security, including threat mitigation, access control, authentication, content trust, host and container hardening, vulnerability management, network monitoring, logging, disk activity monitoring, and forensics techniques. Understand the importance of process integrity and network security in containerized environments.

Intro
Container threats
Mitigations
Dr Security
Container Pipeline
Access Control Authentication
Content Trust
Docker Infrastructure
Host hardening
Container hardening
Group access
Dark Bench for Security
Vulnerability Management
Network Monitoring
Logs
Application logs
Disk activity monitoring
Disk forensics
Super timelines
Memory forensics
Memory forensics tools
What is memory forensics
components
process integrity
summary
thank you
Questions
Networking
Monitoring
Firewall
Container Security