Attacking & Auditing Docker Containers

Abstract

Developers and Operations teams (DevOps) have moved towards containers and modern technologies. Attackers are catching up with these technologies and finding security flaws in them. In this workshop, we will look at how we can test for security issues and vulnerabilities in Dockerised environments . Throughout the workshop we will learn how we can find security misconfigurations, insecure defaults and container escape techniques to gain access to host operating system (or) clusters. In the workshop, we will look at real world scenarios where attackers compromised containers to gain the access to applications, data and other assets.

By the end of workshop participants will be able to:

  • Understand Docker security architecture
  • Audit containerised environments
  • Perform container escapes to get access to host environments

The participants will get the following:

  • A Gitbook(pdf, epub, mobi) with complete workshop content
  • Virtual machines to learn & practice
  • Other references to learn more about topics covered in the workshop

Date
Wednesday, 11 Jul 2018 00:00 UTC
Location
Nashville, TN, USA

Who should attend:

  • Penetration Testers
  • Security Engineers/Analysts
  • IT and System Administrators
  • DevOps and Security Teams

Take back to work:

  • A Gitbook(pdf, epub, mobi) with complete workshop content
  • Virtual machines to learn & practice
  • Other references to learn more about topics covered in the workshop

Topics include:

Docker, Containers, Security, Audit, DevSecOps, SecOps

Prerequisites:

  • Able to run linux cli commands
  • Basics of system administration
  • Understanding about virutalisation would be useful
  • A laptop with administrator privileges
  • 10 GB of free Hard Disk Space
  • Ideally 8 GB of RAM but minimum 4 GB
  • Laptop should support hardware-based virtualization
    • If your laptop can run a 64-bit virtual machine in Oracle VirtualBox it should work
    • Other virtualisation software might work but we will not be able to provide support for that.
Madhu Akula
Madhu Akula
Never Ending Learner!

Madhu Akula is a pragmatic security leader and creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and cloud native security researcher with an extensive experience. Also he is an active member of the international security, devops and cloud native communities (null, DevSecOps, AllDayDevOps, AWS, CNCF, USENIX, OWASP, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), CKS (Certified Kubernetes Security Specialist), etc. Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEFCON (24, 26, 27, 28, 29, 30), BlackHat (2018, 19, 21, 22 & 23), USENIX LISA (2018, 19 & 21), SANS Cloud Security Summit 2021 & 2022, O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018, 19, 22), All Day DevOps (2016, 17, 18, 19, 20, 21 & 22), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18 & 20), Nullcon (2018, 19, 21 & 22), SACON 2019, Serverless Summit, null and multiple others. His research has identified vulnerabilities in over 200+ companies and organisations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc and credited with multiple CVE’s, Acknowledgements and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. He is the technical reviewer for Learn Kubernetes Security, Practical Ansible2 books by Packt Pub. Also won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams.