This document discusses securing container-based applications. It covers container and OS security best practices like using Linux namespaces and cgroups for isolation, reducing the container attack surface, and hardening container images. It also discusses securing the container lifecycle through vulnerability scanning, configuration governance with Amazon ECS, and using secrets management. Finally, it shows how to automate security deployments through the CI/CD pipeline and tools like CloudFormation and CodeDeploy.