SlideShare a Scribd company logo

Securing the Socks Shop

J
Jason Smith

Slides from the Docker Randstad meetup presentation

1 of 44
Download to read offline
SECURING THE SOCKS SHOP Exploring Microservice Security in an Open Source Sock Shop
Jason Smith Senior Software Engineer @jasonrichardsmi
Phil Winder Freelance Engineer @DrPhilWinder Winder Research
1. Context Simple Security Measures
Top Tip Limit the surface area
Limiting the surface area Large surface area Small surface area
SECURITY IS HARD Failure exploration is the beginning Icon by http://www.flaticon.com/authors/dave-gandy
One example Failure Exploration Network segmentation and policy, Container security, Orchestrator Security Application Security, External threats Backup security, Organisational issues, Responsibility issues, ... If you read this then you’ve read too far
Today ○ Container security ○ Network segmentation
SOCK SHOP An open source reference microservices architecture Icon by http://www.flaticon.com/authors/freepik
git.io/sock-shop github.com/microservices-demo/microservices-demo
2. Container Security
Container-level security aspects ○ Restraint ○ Immutability ○ Provenance ○ Hardened OS’s, modules and policies
MD front-end Dockerfile FROM mhart/alpine-node:6.3 RUN mkdir -p /usr/src/app WORKDIR /usr/src/app COPY . /usr/src/app RUN npm install ENV NODE_ENV "production" ENV PORT 8079 EXPOSE 8079 CMD ["npm", "start"]
MD front-end docker-compose services: front-end: image: weaveworksdemos/front-end:9093ed8f9be68d2497b cb92587b01db6ac8197fe hostname: front-end restart: always environment: - reschedule=on-node-failure networks: - mynetwork
CONTAINER USER So you haven’t set a USER? Icon by http://www.flaticon.com/authors/elias-bikbulatov
MD front-end Dockerfile FROM mhart/alpine-node:6.3 RUN mkdir -p /usr/src/app WORKDIR /usr/src/app COPY . /usr/src/app RUN npm install ENV NODE_ENV "production" ENV PORT 8079 EXPOSE 8079 CMD ["npm", "start"]
Let’s add some nasties docker-compose exec front-end sh apk add sl --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrust && export TERM=xterm && sl
READ-ONLY So you’re filesystem isn’t read only? Icon by http://flaticons.net/
MD front-end docker-compose services: front-end: image: weaveworksdemos/front-end:9093ed8f9be68d2497b cb92587b01db6ac8197fe hostname: front-end restart: always environment: - reschedule=on-node-failure networks: - mynetwork
Let’s add some nasties docker-compose exec front-end sh echo "<h1>Phil, you’re such a good presenter. Everyone is loving the talk. Even those at the back sleeping. They’re dreaming about you...</h1><img src="http://www.mememaker.net/static/images/memes/4395158.jpg"/>" > public/index.html
Capabilities Kernel level operation permissions Icon by http://freepik.com/
Where haz caps? KernelContainer Orchestrator
MD catalogue Dockerfile FROM busybox:1 EXPOSE 80 COPY app / CMD ["/app", "-port=80"]
MD catalogue Dockerfile FROM busybox:1 RUN addgroup mygroup && adduser -D -G mygroup myuser USER myuser EXPOSE 80 COPY app / CMD ["/app", "-port=80"]
MD catalogue Dockerfile FROM alpine:3.4 RUN addgroup mygroup && adduser -D -G mygroup myuser && apk add --update libcap EXPOSE 80 COPY app / RUN chmod +x /app && chown -R myuser:mygroup /app && setcap 'cap_net_bind_service=+ep' /app USER myuser CMD ["/app", "-port=80"]
MD docker-compose services: catalogue: ... cap_drop: - all cap_add: - NET_BIND_SERVICE read_only: true ...
The result? apk add sl --update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ --allow-untrust && export TERM=xterm && sl echo "This won’t work" > public/index.html grep Cap /proc/self/status
Top Tip User, read-only, caps.
11,788 People taken to hospital following accidents while putting on socks, tights or stockings in the UK, 2003
5-10 People die each year putting on socks in the UK
3. Network Segmentation
Image by Remember To Play
Trump’s Firewall Machine-levelfirewall
Network Segmentation External Internal Back-Office
Shipping docker-compose shipping: image: weaveworksdemos/shipping hostname: shipping ... networks: - backoffice
4. Wrap up
Let’s review some concepts User Set a user in your Dockerfiles so they don’t run as root Immutable Make the root container file system read only Restraint Prevent unauthorised execution Network Segmentation Prevent inter-network access Global firewall Block everything, minimise the surface area Network Policy Be a bouncer, tell your containers who’s allowed access
WHERE? git.io/sock-shop github.com/microservices-demo/microservices-demo Go, try, star, contribute Place your screenshot here

Recommended

Bigger On The Inside
Bigger On The InsideBigger On The Inside
Bigger On The Inside
Michael Carson
 
Trendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationTrendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final Presentation
Hiromu Yakura
 
20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms
SecuRing
 
IWMW 1999: Web SIte Security
IWMW 1999: Web SIte SecurityIWMW 1999: Web SIte Security
IWMW 1999: Web SIte Security
IWMW
 
DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...
DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...
DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...
DevOpsDays Riga
 
Virus part1
Virus part1Virus part1
Virus part1
Ajay Banyal
 
iThome CyberSec2021 Container Security
iThome CyberSec2021 Container SecurityiThome CyberSec2021 Container Security
iThome CyberSec2021 Container Security
Jie Liau
 
Reversing malware analysis training part10 exploit development basics
Reversing malware analysis training part10 exploit development basicsReversing malware analysis training part10 exploit development basics
Reversing malware analysis training part10 exploit development basics
Cysinfo Cyber Security Community
 

Recommended

Bigger On The Inside
Bigger On The InsideBigger On The Inside
Bigger On The Inside
Michael Carson
 
Trendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final PresentationTrendmicro Security Award 2012 Final Presentation
Trendmicro Security Award 2012 Final Presentation
Hiromu Yakura
 
20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms20+ Ways to Bypass Your macOS Privacy Mechanisms
20+ Ways to Bypass Your macOS Privacy Mechanisms
SecuRing
 
IWMW 1999: Web SIte Security
IWMW 1999: Web SIte SecurityIWMW 1999: Web SIte Security
IWMW 1999: Web SIte Security
IWMW
 
DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...
DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...
DevOpsDaysRiga 2017 Ignite: Daniel Houston - Thinking outside the box: The Do...
DevOpsDays Riga
 
Virus part1
Virus part1Virus part1
Virus part1
Ajay Banyal
 
iThome CyberSec2021 Container Security
iThome CyberSec2021 Container SecurityiThome CyberSec2021 Container Security
iThome CyberSec2021 Container Security
Jie Liau
 
Reversing malware analysis training part10 exploit development basics
Reversing malware analysis training part10 exploit development basicsReversing malware analysis training part10 exploit development basics
Reversing malware analysis training part10 exploit development basics
Cysinfo Cyber Security Community
 
Protecting Your Internet Route Integrity
Protecting Your Internet Route IntegrityProtecting Your Internet Route Integrity
Protecting Your Internet Route Integrity
Jie Liau
 
Securing Your WordPress Website - WordCamp Sydney 2012
Securing Your WordPress Website - WordCamp Sydney 2012Securing Your WordPress Website - WordCamp Sydney 2012
Securing Your WordPress Website - WordCamp Sydney 2012
Vlad Lasky
 
IOS Security Basics - NULL/ OWASP/G4H Meet
IOS Security Basics - NULL/ OWASP/G4H MeetIOS Security Basics - NULL/ OWASP/G4H Meet
IOS Security Basics - NULL/ OWASP/G4H Meet
Anthony Jose
 
Primer on password security
Primer on password securityPrimer on password security
Primer on password security
securityxploded
 
Shellshock bug
Shellshock bugShellshock bug
Shellshock bug
Raashid Muhammed
 
IT103Microsoft Windows XP/OS Chap01
IT103Microsoft Windows XP/OS Chap01IT103Microsoft Windows XP/OS Chap01
IT103Microsoft Windows XP/OS Chap01blusmurfydot1
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE Technology
Can Your Security
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guyMohamed Aboul-Fotouh
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control System
Anant Shrivastava
 
Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basics
Anant Shrivastava
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Anant Shrivastava
 
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIsBoost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Andrea Prearo
 
Shell Shock (Bash Bug)
Shell Shock (Bash Bug)Shell Shock (Bash Bug)
Shell Shock (Bash Bug)
Kurapati Vishwak
 
ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)
ViSolve, Inc.
 
Shellshock - A Software Bug
Shellshock - A Software BugShellshock - A Software Bug
Shellshock - A Software Bug
vwchu
 
Git in 10 minutes
Git in 10 minutesGit in 10 minutes
Git in 10 minutes
Safique Ahmed Faruque
 
Git 101
Git 101Git 101
Git 101
jayrparro
 
Introduction to Git
Introduction to GitIntroduction to Git
Introduction to Git
Colin Su
 
Introduction to Docker by Adrian Mouat
Introduction to Docker by Adrian MouatIntroduction to Docker by Adrian Mouat
Introduction to Docker by Adrian Mouat
Container Solutions
 
Harvard ABCD-WWW Git presentation
Harvard ABCD-WWW Git presentationHarvard ABCD-WWW Git presentation
Harvard ABCD-WWW Git presentationJeff Byrnes
 
How to be successful running Docker in Production
How to be successful running Docker in ProductionHow to be successful running Docker in Production
How to be successful running Docker in Production
Docker, Inc.
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep dive
Docker, Inc.
 

More Related Content

What's hot

Protecting Your Internet Route Integrity
Protecting Your Internet Route IntegrityProtecting Your Internet Route Integrity
Protecting Your Internet Route Integrity
Jie Liau
 
Securing Your WordPress Website - WordCamp Sydney 2012
Securing Your WordPress Website - WordCamp Sydney 2012Securing Your WordPress Website - WordCamp Sydney 2012
Securing Your WordPress Website - WordCamp Sydney 2012
Vlad Lasky
 
IOS Security Basics - NULL/ OWASP/G4H Meet
IOS Security Basics - NULL/ OWASP/G4H MeetIOS Security Basics - NULL/ OWASP/G4H Meet
IOS Security Basics - NULL/ OWASP/G4H Meet
Anthony Jose
 
Primer on password security
Primer on password securityPrimer on password security
Primer on password security
securityxploded
 
Shellshock bug
Shellshock bugShellshock bug
Shellshock bug
Raashid Muhammed
 
IT103Microsoft Windows XP/OS Chap01
IT103Microsoft Windows XP/OS Chap01IT103Microsoft Windows XP/OS Chap01
IT103Microsoft Windows XP/OS Chap01blusmurfydot1
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE Technology
Can Your Security
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control System
Anant Shrivastava
 
Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basics
Anant Shrivastava
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Anant Shrivastava
 
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIsBoost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Andrea Prearo
 
Shell Shock (Bash Bug)
Shell Shock (Bash Bug)Shell Shock (Bash Bug)
Shell Shock (Bash Bug)
Kurapati Vishwak
 
ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)
ViSolve, Inc.
 
Shellshock - A Software Bug
Shellshock - A Software BugShellshock - A Software Bug
Shellshock - A Software Bug
vwchu
 

What's hot (15)

Protecting Your Internet Route Integrity
Protecting Your Internet Route IntegrityProtecting Your Internet Route Integrity
Protecting Your Internet Route Integrity
 
Securing Your WordPress Website - WordCamp Sydney 2012
Securing Your WordPress Website - WordCamp Sydney 2012Securing Your WordPress Website - WordCamp Sydney 2012
Securing Your WordPress Website - WordCamp Sydney 2012
 
IOS Security Basics - NULL/ OWASP/G4H Meet
IOS Security Basics - NULL/ OWASP/G4H MeetIOS Security Basics - NULL/ OWASP/G4H Meet
IOS Security Basics - NULL/ OWASP/G4H Meet
 
Primer on password security
Primer on password securityPrimer on password security
Primer on password security
 
Shellshock bug
Shellshock bugShellshock bug
Shellshock bug
 
IT103Microsoft Windows XP/OS Chap01
IT103Microsoft Windows XP/OS Chap01IT103Microsoft Windows XP/OS Chap01
IT103Microsoft Windows XP/OS Chap01
 
Intel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE TechnologyIntel McAfee DeepSAFE Technology
Intel McAfee DeepSAFE Technology
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guy
 
Exploiting publically exposed Version Control System
Exploiting publically exposed Version Control SystemExploiting publically exposed Version Control System
Exploiting publically exposed Version Control System
 
Slides null puliya linux basics
Slides null puliya linux basicsSlides null puliya linux basics
Slides null puliya linux basics
 
Null bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web ApplicationNull bhopal Sep 2016: What it Takes to Secure a Web Application
Null bhopal Sep 2016: What it Takes to Secure a Web Application
 
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIsBoost Smooth Scrolling with iOS 10 Pre-Fetching APIs
Boost Smooth Scrolling with iOS 10 Pre-Fetching APIs
 
Shell Shock (Bash Bug)
Shell Shock (Bash Bug)Shell Shock (Bash Bug)
Shell Shock (Bash Bug)
 
ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)ShellShock (Software BASH Bug)
ShellShock (Software BASH Bug)
 
Shellshock - A Software Bug
Shellshock - A Software BugShellshock - A Software Bug
Shellshock - A Software Bug
 

Viewers also liked

Git in 10 minutes
Git in 10 minutesGit in 10 minutes
Git in 10 minutes
Safique Ahmed Faruque
 
Git 101
Git 101Git 101
Git 101
jayrparro
 
Introduction to Git
Introduction to GitIntroduction to Git
Introduction to Git
Colin Su
 
Introduction to Docker by Adrian Mouat
Introduction to Docker by Adrian MouatIntroduction to Docker by Adrian Mouat
Introduction to Docker by Adrian Mouat
Container Solutions
 
Harvard ABCD-WWW Git presentation
Harvard ABCD-WWW Git presentationHarvard ABCD-WWW Git presentation
Harvard ABCD-WWW Git presentationJeff Byrnes
 
How to be successful running Docker in Production
How to be successful running Docker in ProductionHow to be successful running Docker in Production
How to be successful running Docker in Production
Docker, Inc.
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep dive
Docker, Inc.
 

Viewers also liked (7)

Git in 10 minutes
Git in 10 minutesGit in 10 minutes
Git in 10 minutes
 
Git 101
Git 101Git 101
Git 101
 
Introduction to Git
Introduction to GitIntroduction to Git
Introduction to Git
 
Introduction to Docker by Adrian Mouat
Introduction to Docker by Adrian MouatIntroduction to Docker by Adrian Mouat
Introduction to Docker by Adrian Mouat
 
Harvard ABCD-WWW Git presentation
Harvard ABCD-WWW Git presentationHarvard ABCD-WWW Git presentation
Harvard ABCD-WWW Git presentation
 
How to be successful running Docker in Production
How to be successful running Docker in ProductionHow to be successful running Docker in Production
How to be successful running Docker in Production
 
Windows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep diveWindows Server Containers- How we hot here and architecture deep dive
Windows Server Containers- How we hot here and architecture deep dive
 

Similar to Securing the Socks Shop

maven-for-maine-jug-090226091601-phpapp02.ppt
maven-for-maine-jug-090226091601-phpapp02.pptmaven-for-maine-jug-090226091601-phpapp02.ppt
maven-for-maine-jug-090226091601-phpapp02.ppt
nikhilmahendranath1
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Patrick Chanezon
 
Apparmor
ApparmorApparmor
Apparmor
n|u - The Open Security Community
 
Droidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensicsDroidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensics
viaForensics
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline
Docker, Inc.
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
Patrick Chanezon
 
The Golden Ticket: Docker and High Security Microservices by Aaron Grattafiori
The Golden Ticket: Docker and High Security Microservices by Aaron GrattafioriThe Golden Ticket: Docker and High Security Microservices by Aaron Grattafiori
The Golden Ticket: Docker and High Security Microservices by Aaron Grattafiori
Docker, Inc.
 
What is this "docker"
What is this "docker" What is this "docker"
What is this "docker"
Jean-Marc Meessen
 
Security Tips to run Docker in Production
Security Tips to run Docker in ProductionSecurity Tips to run Docker in Production
Security Tips to run Docker in Production
Gianluca Arbezzano
 
Shifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioShifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istio
Christian Melendez
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
Sreenivas Makam
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
Rafael Konlechner
 
Reversing & malware analysis training part 12 rootkit analysis
Reversing & malware analysis training part 12 rootkit analysisReversing & malware analysis training part 12 rootkit analysis
Reversing & malware analysis training part 12 rootkit analysisAbdulrahman Bassam
 
Operating Docker
Operating DockerOperating Docker
Operating Docker
Jen Andre
 
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
DataArt
 
So. many. vulnerabilities. Why are containers such a mess and what to do abou...
So. many. vulnerabilities. Why are containers such a mess and what to do abou...So. many. vulnerabilities. Why are containers such a mess and what to do abou...
So. many. vulnerabilities. Why are containers such a mess and what to do abou...
Eric Smalling
 
DCSF19 Dockerfile Best Practices
DCSF19 Dockerfile Best PracticesDCSF19 Dockerfile Best Practices
DCSF19 Dockerfile Best Practices
Docker, Inc.
 
Docker app armor_usecase
Docker app armor_usecaseDocker app armor_usecase
Docker app armor_usecase
Kazuki Omo
 
Docker 101 Checonf 2016
Docker 101 Checonf 2016Docker 101 Checonf 2016
Docker 101 Checonf 2016
Patrick Chanezon
 
Advanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to AndroidAdvanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to Android
securityxploded
 

Similar to Securing the Socks Shop (20)

maven-for-maine-jug-090226091601-phpapp02.ppt
maven-for-maine-jug-090226091601-phpapp02.pptmaven-for-maine-jug-090226091601-phpapp02.ppt
maven-for-maine-jug-090226091601-phpapp02.ppt
 
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
Docker Azure Friday OSS March 2017 - Developing and deploying Java & Linux on...
 
Apparmor
ApparmorApparmor
Apparmor
 
Droidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensicsDroidcon it-2014-marco-grassi-viaforensics
Droidcon it-2014-marco-grassi-viaforensics
 
DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline DCSF 19 Building Your Development Pipeline
DCSF 19 Building Your Development Pipeline
 
Weave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 RecapWeave User Group Talk - DockerCon 2017 Recap
Weave User Group Talk - DockerCon 2017 Recap
 
The Golden Ticket: Docker and High Security Microservices by Aaron Grattafiori
The Golden Ticket: Docker and High Security Microservices by Aaron GrattafioriThe Golden Ticket: Docker and High Security Microservices by Aaron Grattafiori
The Golden Ticket: Docker and High Security Microservices by Aaron Grattafiori
 
What is this "docker"
What is this "docker" What is this "docker"
What is this "docker"
 
Security Tips to run Docker in Production
Security Tips to run Docker in ProductionSecurity Tips to run Docker in Production
Security Tips to run Docker in Production
 
Shifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istioShifting security to the left with kubernetes, azure, and istio
Shifting security to the left with kubernetes, azure, and istio
 
Docker Security Overview
Docker Security OverviewDocker Security Overview
Docker Security Overview
 
Introduction to Docker
Introduction to DockerIntroduction to Docker
Introduction to Docker
 
Reversing & malware analysis training part 12 rootkit analysis
Reversing & malware analysis training part 12 rootkit analysisReversing & malware analysis training part 12 rootkit analysis
Reversing & malware analysis training part 12 rootkit analysis
 
Operating Docker
Operating DockerOperating Docker
Operating Docker
 
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)"Docker best practice", Станислав Коленкин (senior devops, DataArt)
"Docker best practice", Станислав Коленкин (senior devops, DataArt)
 
So. many. vulnerabilities. Why are containers such a mess and what to do abou...
So. many. vulnerabilities. Why are containers such a mess and what to do abou...So. many. vulnerabilities. Why are containers such a mess and what to do abou...
So. many. vulnerabilities. Why are containers such a mess and what to do abou...
 
DCSF19 Dockerfile Best Practices
DCSF19 Dockerfile Best PracticesDCSF19 Dockerfile Best Practices
DCSF19 Dockerfile Best Practices
 
Docker app armor_usecase
Docker app armor_usecaseDocker app armor_usecase
Docker app armor_usecase
 
Docker 101 Checonf 2016
Docker 101 Checonf 2016Docker 101 Checonf 2016
Docker 101 Checonf 2016
 
Advanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to AndroidAdvanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to Android
 

Recently uploaded

Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
Frank van Harmelen
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Inflectra
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 

Recently uploaded (20)

Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 

Securing the Socks Shop