SE-Radio Episode 290: Diogo Mónica on Docker Security

Filed in Episodes by on May 9, 2017 3 Comments

USE-100X125-Diogo_Monica_Docker_hoodie_SquareDocker Security Team lead Diogo Mónica talks with SE Radio’s Kim Carter about Docker Security aspects. Simple Application Security, which hasn’t changed much over the past 15 years, is still considered the most effective way to improve security around Docker containers and infrastructure. The discussion explores characteristics such as Immutability, the copy-on-write filesystem, as well as orchestration principles that are baked into Docker Swarm, such as mutual TLS/PKI by default, secrets distribution, least privilege, content scanning, image signatures, and secure/trusted build pipelines. Diogo also shares his thoughts around the attack surface of the Linux kernel; networking, USB, and driver APIs; and the fact that application security remains more important to focus our attention on and get right.

Related Links

Holistic Info-Sec for Web Developers sections on Docker:


Tags: , , , , , ,