Everyone wants the convenience of building and deploying containers, but they don’t think about the security challenges that come with it.In this landmark course by AppSecEngineer, we’ll take you on a journey through the dizzying world of container security.
Go from breaking out of containers using devious exploits, to running a gauntlet of hands-on exercises where you’ll scan, configure, and secure against real-world container breaches.
With Organizations rapidly moving towards microservice style architecture for their applications, container technology seems to be taking over at a rapid rate. Leading container technologies like Docker have risen in popularity and have been widely used because they have helped package and deploy consistent-state applications.
Security continues to remain a key challenge that both Organizations and Security practitioners face with containerized deployments. While container orchestrated deployments may be vulnerable to security threats that plague any typical application deployments, they face specific security threats related to the containerization daemon, shared kernel, shared resources, secret management, insecure configurations, role management issues and many more!
This training has been created with the objective of understanding both offensive and defensive security for container orchestrated deployments. The program shall detail through specific theory elements with extensive hands-on exercises that are similar to real-world threat scenarios that the attendees shall understand and take part in and, shall also understand ways in which containerized deployments can be attacked and made secure, yet scalable, efficient and effective.
A 360-degree view of container security: from cutting edge attack vectors, to battle-tested defensive measures.
Learn the inner workings of complex containerized deployments, and identify the various components.
Understand the weaknesses of your containers & exploit them like a real attacker.
Secure containers at every step: from container registry to post-deployment logging & monitoring.
Deep dive into Docker & beyond
Various container escape methods
Securing container supply chains
Scanning & fixing insecure containers
Crafted on Real-world training for product security teams
Hands-on Experience: Engage with real-world scenarios in a controlled, cloud-based lab environment to apply learning directly.
Immediate Application: Implement Threat Modeling tools and techniques instantly, enhancing retention and understanding.
Access to Specialized Tooling: Utilize advanced Threat Modeling software and LLMs without needing to set up or maintain the infrastructure.
Safe Learning Space: Experiment and learn from mistakes in a risk-free sandbox, encouraging exploration and innovation.
Basic understanding of application security principles.
Familiarity with software development and the software development lifecycle (SDLC).
Some experience in security practices and methodologies is beneficial
For a optimal learning experience in this course, participants should use a laptop with Windows 10/11, the latest macOS, or a modern Linux distribution, equipped with an Intel i5 processor or equivalent (i7 recommended), at least 8GB of RAM (16GB preferred), and 20GB of free disk space. A stable, high-speed internet connection is essential for accessing streaming content and cloud-based labs, alongside the latest versions of Google Chrome, Mozilla Firefox, or Safari with JavaScript enabled. Participants must have administrative rights to install necessary software and a modern code editor like Visual Studio Code.
10
help@appsecengineer.com
United States
11166 Fairfax Boulevard, 500, Fairfax, VA 22030
APAC
68 Circular Road, #02-01, 049422, Singapore