Best practices for Forensics and Incident Response in Containers

  • Tuesday, 10 Jul 2018 1:00PM EST (10 Jul 2018 17:00 UTC)
  • Speakers: Jake Williams, Knox Anderson

Almost 5 years, 48,000+ github stars, and tens of thousand of production deployments later we can safely say containers are a technology that is a here to stay. They 're developer friendly, easy to operationalize, and allow organizations to provide stable and secure services to their customers.

'While there are clear best practices for what it takes to build and run containers, there isn't as much knowledge around the performing forensic analysis of incidents that occur inside your containers.

'In this webinar we'll cover:

- How containers change incident response and forensics

- Best practices around forensic data collection in container environments

- Compare opensource and commercial forensics options '

- A live demo of multiple forensics investigations using Sysdig Inspect: an opensource container forensics tool