Workshop: Container Security

In this 2.5-hour use-case driven training session we’ll cover the most important container security techniques: (best practices, platform features, image scanning, run-time security and forensics) with Docker, Kubernetes and other 3rd party open source tools (Anchore, Falco and Sysdig Inspect).


  • Container security best practices: Learn what are the security best practices building your containers: privileges, resource limits, Dockerfile options, rebuild process, etc.
  • Kubernetes platform security features: Host security configuration, Kubernetes RBAC, Kubernetes Security Policy, Kubernetes Network Policy and other Admission Controllers, etc.
  • Image scanning: How image static scanning works in Docker, available tools like Quay and Anchore, integrating this in your CI/CD pipeline.
  • Runtime security and forensics: Why runtime security is important? How tools like seccomp, SELinux, AppArmor or Falco compare. Writing Falco rules. Forensics on containers.
  • Deploying all the open source tools for a real example: Bringing together all the tools like docker-bench, kube-bench, Kubernetes features, Anchore, Falco, sysdig and Sysdig Inspect.Using FaaS for reacting to security threats in a containerized world.



Jorge Salamero

Jorge enjoys monitoring all the things, from his Docker containers and Kubernetes clusters to writing sensors plugins for DIY IoT projects with Raspberry PI and ESP8266. Currently he is part of the ...