OWASP Event - The Danger of Exposing docker.sock

Join us as we launch our 2019 meeting schedule, with a special guest speaker from Offensive Security.

Free Pizza will be provided by Early Warning. Make sure to arrive early to facilitate the badging process.

We also have an unsponsored happy hour following the meet-up. It will be at the Vig, McDowell Mtn Ranch Rd.

Common containers such as traefik, nginx-proxy (jwilder), Netdata, vamp, and many more recommend exposing the Docker socket within the container. This configuration could allow for privilege and horizontal escalation in a Docker environment. Other services, like Portainer, could leave the entire host and other containers exposed on the Internet. In a recent blog post, Dejan explained the dangers of exposing the Docker Socket. During this talk he will explain the vulnerability and demo exploiting a Docker environment.

About the speaker:

Dejan is a Content Devloper at Offensive Security, and was previously the Penetration Testing Team Lead at Early Warning. He enjoys teaching and mentoring others in security. His current interests involve tinkering with IoT, home automation, and competing in CTFs.

Outside of technology, he enjoys playing soccer, woodworking, and gardening. He recently adopted a 3 year old Greyhound named Bellini.