2024-12-14 –, Workshop Room 1
This hands-on workshop aims to give you an understanding of the security features and pitfalls of modern containerization tools like Docker and Kubernetes. We’ll cover a range of topics to build up a picture of the security options available and show practical examples of attack and defence on containerized systems.
There will be hands-on labs covering common attacks on Docker, Docker containers and Kubernetes clusters.
Prerequisites – Familiarity with basic Docker commands and Linux command line use will be helpful, but we’ll provide step-by-step instructions for people who are less familiar with them.
Workshop requirements:
- A laptop with a web browser that does not have strict filtering in place (e.g. no white-list only corporate proxies) and an SSH client.
This hands-on workshop aims to give you an understanding of the security features and pitfalls of modern containerization tools like Docker and Kubernetes. We’ll cover a range of topics to build up a picture of the security options available and show practical examples of attack and defence on containerized systems.
There will be hands-on labs covering common attacks on Docker, Docker containers and Kubernetes clusters.
Prerequisites – Familiarity with basic Docker commands and Linux command line use will be helpful, but we’ll provide step-by-step instructions for people who are less familiar with them.
Workshop requirements:
- A laptop with a web browser that does not have strict filtering in place (e.g. no white-list only corporate proxies) and an SSH client.
Rory is a senior advocate for Datadog who has extensive experience with Cyber security and Cloud native computing. In addition to his work as a security reviewer and architect on containerization technologies like Kubernetes and Docker he has presented at Kubecon EU and NA, as well as a number of other cloud native and security conferences. He is one of the main authors of the CIS benchmarks for Docker and Kubernetes, a published author on the topic of Cloud Native Security, member of Kubernetes SIG-Security and CNCF TAG-Security. When he's not working, Rory can generally be found out walking and enjoying the scenery of the Scottish highlands.
Iain Smart is a Principal Consultant at AmberWolf, where he reviews cloud-native deployments and performs offensive security engagements. He enjoys playing with new technologies, and if he’s not hacking a Kubernetes cluster or attacking a build pipeline he can probably be found writing new home automations to annoy his family.
I have been working in IT for thirty years, and IT security for fifteen. My recent experience is as a pen tester, where I was a director of a small consultancy company. I've lately become interested in containerization security and am starting to become involved in this field.
I live in the Scottish Highlands with my husband, three cats and occasional pine martens. My interests are history, art, DDO, cookery and the great outdoors - not necessarily in that order.