Hands-On Workshop: Container Security 101

Thursday, 27 Apr 2023 10:00AM EDT (27 Apr 2023 14:00 UTC)
Speaker: Jon Zeolla

This is a 2 hour hands-on workshop. Is your company adopting containers but you haven’t had a chance to figure out the best way to secure them yet? We’ll get hands-on with containers, learn how to examine them for common mistakes, and then add in some security controls like container image signing, create a Software Bill of Materials, and run vulnerability scans.

Learning Objectives:

Use standard utilities to create a variety of secure and insecure container images.
Perform container image signing.
Create a SBOM and then run vulnerability scans on that SBOM. Examine common gaps in SBOM generation tools.
Manually examine container image manifests, indexes, and layers.
Break out of a misconfigured “container”.

Prereqs:

Comfortable with Linux command line tools, variables, and system concepts

System Requirements:

Access to a Ubuntu 20.04 x86_64 Virtual Machine
Steps will be provided to provision this in AWS

Login to Register

Related Content

CLD_-_Aviata_Cloud_Solo_Flight_Challenge_-_General_-_Workshop_340_x_340.jpg

Aviata Cloud Solo Flight Challenge

Master cloud security by tackling this free series of workshops.

SANS Cloud Security

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

CLD_-_Blog_-_Prevent_Cloud_Incidents_from_Becoming_Cloud_Breaches_340_x_340.jpg

Prevent Cloud Incidents from Becoming Cloud Breaches

Explore the mission of the newly renamed SEC510: Cloud Security Controls and Mitigations.