The security defaults of Docker are designed to get you up and running (“just work”) quickly, rather than being the most secure. There are many default configurations that can be improved upon. In this talk Kim will walk through improving the security of Docker hosts, containers, networking and deployments.
Discussion about Kim's new book on Cloud Security, some of the content, and links to other useful resources around securing your Cloud environments.
Are you looking to achieve a good understanding of your responsibilities as well as your CSP's responsibilities to make sure your security stature in the Cloud is where you need it to be? Do you need the technical direction required to create your secure Cloud environment? You can think of this book as your technical Cloud consultant.
Discussion about Kim's new book on Docker Security, some of the content, and links to other useful resources around securing your Docker deployments.
Are you looking to improve the security of your Docker deployments? Do you want to confirm you haven't missed any important security aspects in your Docker infrastructure?
A three-part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises.
The first book is complete; the second book is content complete and currently in technical review.
Lack of captchas is a risk, but so are captchas themselves...
Not being able to introspect your application at any given time, or to know what its health status is, is not a comfortable place to be in, and there is no reason you should be there.
Redirects to legacy blog post.
This is where A9 (Using Components with Known Vulnerabilities) of the 2013 OWASP Top 10 comes in. We are consuming far more free and open source libraries than we ever have before. Much of the code we are pulling into our projects is never intentionally used, but is still adding surface area for attack. In this post we address the risks and countermeasures.
Redirects to legacy blog post.