AppSecUSA 2015

In recent years applications have fundamentally changed, led largely by changing software development practices. These new applications not only behave differently but their architecture fundamentally changes how they are built, deployed, managed and secured over time. Instead of provisioning large servers to process a few large workloads in virtual machines or bare metal, collections of small applications are being run across a collection of commodity hardware. With more applications sharing the same OS, containers have risen as the appropriate model for packaging these smaller applications.

The best practices around security of applications have long recommended the use of multiple layers in order to increase the overall resilience of a system. Containers create exactly that: an additional layer of protection between applications and the host, and between the applications themselves.

This talk will go over how deploying your current applications using Docker containers makes your infrastructure safer by default. It will cover the topics of lifecycle management, best practices for Docker configuration and more advanced features, such as the use of Linux Security Modules (LSMs).