Hands-On Workshop: Container Security 101

  • Thursday, 27 Apr 2023 10:00AM EDT (27 Apr 2023 14:00 UTC)
  • Speaker: Jon Zeolla

This is a 2 hour hands-on workshop. Is your company adopting containers but you haven’t had a chance to figure out the best way to secure them yet? We’ll get hands-on with containers, learn how to examine them for common mistakes, and then add in some security controls like container image signing, create a Software Bill of Materials, and run vulnerability scans.

Learning Objectives:

  1. Use standard utilities to create a variety of secure and insecure container images.
  2. Perform container image signing.
  3. Create a SBOM and then run vulnerability scans on that SBOM. Examine common gaps in SBOM generation tools.
  4. Manually examine container image manifests, indexes, and layers.
  5. Break out of a misconfigured “container”.


  • Comfortable with Linux command line tools, variables, and system concepts

System Requirements:

  • Access to a Ubuntu 20.04 x86_64 Virtual Machine
  • Steps will be provided to provision this in AWS