Off the back of the Container Camp (http://2017.container.camp) conference early this week, I have been fortunate to secure Andrew Martin from the UK Home Office (https://www.gov.uk/government/organisations/home-office) to talk about insecure Docker containers.
I know that it's late notice.. but like all previous impromptu Docker All Star Meetups, this will be definitely be worth your time :)
Big shout out to Webjet for hosting and sponsoring this last minute impromptu Docker All Star Meetup.
6:20pm - 6:30 - > Networking / Drinks
6:30pm - 7:30pm -> Presentation - Andrew Martin (UK, Home Office)
7:30pm -> Pizza / Networking
Title: Insecure Containers? Continuous Defence Against Open Source Exploits
Presenter: Andrew Martin (UK Home Office)
Open Source Software underpins the internet and many enterprises, but has repeatedly proven itself vulnerable to accident and tampering. High impact exploits lead us to question our unreserved trust in Open Source, and the wisdom of its proliferation is being questioned. As we fight to continuously secure millions of servers against these waves of attacks, have we found a crucial panacea in containers?
This talk examines the anatomy of major vulnerabilities, demonstrates their applicability to containerised applications, and explores container native security tooling throughout the pipeline.
Andrew is a DevOps Lead at the UK Home Office with a strong test-first engineering background gained developing and deploying high volume web applications. He is comfortable profiling and securing every tier of a bare metal or virtualised web stack, and has battle-hardened experience delivering containerised solutions to enterprise clients.