Securing Docker Container Workloads
Docker containers are a mainstream mechanism for application delivery, and securing the container workload is vital. This course will give you the knowledge and techniques you need for securing containerized software applications.
What you'll learn
Packaging, distributing, and running software applications in containers is no longer a pastime just for early adopters. Containers are mainstream, and with that comes a concern about the security and integrity of containers as an application delivery mechanism. In this course, Securing Docker Container Workloads, you'll learn how to secure your application workloads from the perspective of the container itself. First, you'll learn about the Linux security mechanisms that combine to create the abstract concept of the container, and how they work together to ensure that containers are good neighbors. Next, you'll explore the privileges that are available to container workloads, and how you can adopt and apply the principle of least privilege to reduce the risk of privilege escalation. Finally, you'll see how to minimize the attack surface available from within a container by limiting the access it has to the kernel and other system objects. By the end of this course, you'll be equipped with the knowledge and techniques necessary for securing your Docker container workloads.
Table of contents
- Module Overview 2m
- Managing Privileges with a Non-privileged User 5m
- Advanced Management of a Container User 7m
- Running a Container Workload as a Non-privileged User 12m
- Introducing Linux Capabilities 8m
- Docker and Linux Capabilities 4m
- Using Capabilities with a Container Workload 4m
- Module Summary 1m
- Module Overview 2m
- Access Control with Linux Security Modules 8m
- Using SELinux to Implement Access Control 6m
- Applying SELinux to Container Workloads 4m
- Demonstrating SELinux Applied to Container Workloads 7m
- AppArmor and Applying Profiles to Container Workloads 8m
- Generating a Custom AppArmor Profile for a Container Workload 9m
- Course Summary 4m