Victor Coisne

DockerCon 2017: The Top Rated Sessions

After the general session videos from DockerCon Day 1 and Day 2 yesterday, we’re happy to share with you the video recordings of the top rated sessions by DockerCon attendees. All the slides will soon be published on our slideshare account and all the breakout session video recordings available on our DockerCon 2017 youtube playlist. Cilium: Network and Application Security with BPF and XDP by Thomas Graf Docker?!? But I am a Sysadmin by Mike Coleman Creating Effective Images by Abby Fuller Taking Docker from Local to Production at Intuit by JanJaap Lahpor and Harish Jayakumar Container Performance Analysis by Brendan Gregg Secure Substrate: Least Privilege Container Deployment by Diogo Mónica and Riyaz Faizullabhoy Escape from VMs with Image2Docker by Elton Stoneman and Jeff Nickoloff What Have Namespaces Done for You Lately? by Liz Rice Watch the top rated sessions from #dockercon cc @brendangregg @abbyfuller @lizrice @diogomonica   Click To Tweet

Diogo Mónica

Secured at Docker – Diogo Mónica and Nathan McCauley

I’m thrilled to officially announce that Nathan McCauley and I are joining Docker to lead the Security Team. Back in 2011, Nathan and I were fortunate enough to join Square just as it was picking up steam. Square disrupted traditional point-of-sale systems by allowing anyone to take credit-card payments on their phone. And with great, disruptive ideas came new and interesting security engineering challenges. During our time at Square we built a wide range of different systems, from an general purpose cryptography infrastructure, a fully-fledged mutual-TLS micro-service architecture and a small end-to-end encrypted credit-card reader. All of these systems allow Square to move hundreds of millions of dollars per day. We are incredibly proud of what we have achieved at Square but a new opportunity presented itself. 

Jérôme Petazzoni

Containers & Docker: How Secure Are They?

This post reviews the various security implications of using Docker to run applications within containers, and how to address them. There are three great areas to consider: the intrinsic security of containers, as implemented by namespaces and cgroups; the specific attack surface of the Docker daemon itself; the “hardening” security features of the kernel and how they interact with containers. We will also discuss how Docker security features compare with other systems.