Securing Docker Container Workloads

Docker containers are a mainstream mechanism for application delivery, and securing the container workload is vital. This course will give you the knowledge and techniques you need for securing containerized software applications.
Course info
Rating
(25)
Level
Intermediate
Updated
Jan 22, 2018
Duration
3h 14m
Table of contents
Course Overview
Isolating Container Workloads with Linux Namespaces
Controlling Access to Resources Using Control Groups
Managing the Privileges Available to a Container Workload
Limiting the System Calls Available to Container Workloads
Implementing Access Control for Container Workloads
Description
Course info
Rating
(25)
Level
Intermediate
Updated
Jan 22, 2018
Duration
3h 14m
Description

Packaging, distributing, and running software applications in containers is no longer a pastime just for early adopters. Containers are mainstream, and with that comes a concern about the security and integrity of containers as an application delivery mechanism. In this course, Securing Docker Container Workloads, you'll learn how to secure your application workloads from the perspective of the container itself. First, you'll learn about the Linux security mechanisms that go together to create the abstract concept of the container, and how they work together to ensure that containers are good neighbors. Next, you'll explore the privileges that are available to container workloads, and how you can adopt and apply the principle of least privilege to reduce the risk of privilege escalation. Finally, you'll see how to minimize the attack surface available from within a container by limiting the access it has to the kernel and other system objects. By the end of this course, you'll be equipped with the knowledge and techniques necessary for securing your Docker container workloads.

About the author
About the author

Nigel is an IT professional with over 25 years of experience, gained in technical and management roles, including as CEO of a technical consulting organization. He has recently returned to his technical roots, and provide tuition in the domain of microservices and container technologies.

More from the author
Securing the Docker Platform
Beginner
4h 7m
Jun 21, 2018
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everybody. I'm Nigel Brown, and welcome to my course, Securing Docker Container Workloads. In some corners of the IT world, containers are viewed with some skepticism when it comes to security. This skepticism is unwarranted, and if you take some time to apply some standard security mechanisms, you can make your container workloads pretty hard to compromise. This course is all about applying Linux security mechanisms from the perspective of container application workloads. In this course, the main topics that we'll cover include the use of namespaces and control groups, which provide isolation, applying the principle of least privilege in order to better protect our containers, reducing the attack surface available to container workloads, and implementing controls to limit access to system objects. We're not going to turn you into a Linux security expert, but by the end of the course, you'll have a thorough understanding of the security mechanisms at your disposal for making your container application workloads more secure. Before beginning the course, you should have some practical experience of Linux and some familiarity with the Docker platform and its commandline interface. If you've ever wondered whether it's safe to run your applications in Docker containers, or what it takes to make them as secure as possible, then join me to discover how to secure your Docker container workloads.