Hands-On Workshop: Container Security 101

Thursday, 27 Apr 2023 10:00AM EDT (27 Apr 2023 14:00 UTC)
Speaker: Jon Zeolla

This is a 2 hour hands-on workshop. Is your company adopting containers but you haven’t had a chance to figure out the best way to secure them yet? We’ll get hands-on with containers, learn how to examine them for common mistakes, and then add in some security controls like container image signing, create a Software Bill of Materials, and run vulnerability scans.

Learning Objectives:

Use standard utilities to create a variety of secure and insecure container images.
Perform container image signing.
Create a SBOM and then run vulnerability scans on that SBOM. Examine common gaps in SBOM generation tools.
Manually examine container image manifests, indexes, and layers.
Break out of a misconfigured “container”.

Prereqs:

Comfortable with Linux command line tools, variables, and system concepts

System Requirements:

Access to a Ubuntu 20.04 x86_64 Virtual Machine
Steps will be provided to provision this in AWS

Login to Register

Related Content

CLD_-_Aviata_Cloud_Solo_Flight_Challenge_-_General_-_Workshop_340_x_340.jpg

November 14, 2024

Aviata Cloud Solo Flight Challenge

Master cloud security by tackling this free series of workshops.

SANS Cloud Security

November 12, 2024

Cloud Security Strategy: First Principles and Future Opportunities (Part 3 of 5), Modernizing Identity: Navigating Challenges and Embracing Cloud Solutions

Legacy systems pose significant challenges in today’s cloud landscape.

SANS Cloud Security

November 12, 2024

Cloud Security Strategy: First Principles and Future Opportunities (Part 2 of 5), Secure by Design: Elevating Security Beyond Defaults

The Secure by Design approach benefits organizations by building long-term security and sustainability into their systems.

SANS Cloud Security