Attacking & Auditing Docker Containers

Tuesday, October 30, 2018 - 4:00 pm5:30 pm

Madhu Akula, Appsecco

Abstract: 

Developers and Operations teams (DevOps) have moved towards containers and modern technologies. Attackers are catching up with these technologies and finding security flaws in them. In this workshop, we will look at how we can test for security issues and vulnerabilities in Dockerised environments. Throughout the workshop we will learn how we can find security misconfigurations, insecure defaults and container escape techniques to gain access to host operating system (or) clusters. In the workshop, we will look at real world scenarios where attackers compromised containers to gain the access to applications, data and other assets.

By the end of workshop participants will be able to:

  1. Understand Docker security architecture
  2. Audit containerised environments
  3. Perform container escapes to get access to host environments

The participants will get the following:

  1. A Gitbook(pdf, epub, mobi) with complete workshop content
  2. Virtual machines to learn & practice
  3. Other references to learn more about topics covered in the workshop

Madhu Akula, Appsecco

Madhu is a security ninja and published author. Madhu’s research papers are frequently selected for major security industry conferences including Defcon 26,24 , Blackhat USA 2018, Appsec EU 2018, All Day DevOps (2016, 2017), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n, Serverless Summit, null, etc. His research has identified many vulnerabilities in over 200 organisations including US Department of Homeland Security, Google, Microsoft, Yahoo, Adobe, LinkedIn, Ebay, AT&T, Blackberry, Cisco, Barracuda etc. He is co-author of Security Automation with Ansible2 book published by Packt Publishing in December 2017, which is listed as a resource by the RedHat Ansible itself.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

This content is available to:

Download Training Materials (Attendees Only)
BibTeX
@conference {221800,
author = {Madhu Akula},
title = {Attacking \& Auditing Docker Containers},
year = {2018},
address = {Nashville, TN},
publisher = {{USENIX} Association},
}
Who should attend: 
  • Penetration Testers
  • Security Engineers/Analysts
  • IT and System Administrators
  • DevOps and Security Teams
Take back to work: 
  1. A Gitbook(pdf, epub, mobi) with complete workshop content
  2. Virtual machines to learn & practice
  3. Other references to learn more about topics covered in the workshop
Topics include: 

Docker, Containers, Security, Audit, DevSecOps, SecOps

Prerequisites: 
  • Able to run linux cli commands
  • Basics of system administration
  • Understanding about virtualisation would be useful
  • A laptop with administrator privileges
  • 10 GB of free Hard Disk Space
  • Ideally 8 GB of RAM but minimum 4 GB
  • Laptop should support hardware-based virtualization
    • If your laptop can run a 64-bit virtual machine in Oracle VirtualBox it should work
    • Other virtualisation software might work but we will not be able to provide support for that.