Course Description

This is a course focused on Docker security fundamentals for you to know how to defend your docker daemon, docker images and docker containers. Docker is a trending technology and it's here to stay. Actually applications are safer running inside containers. Get to know what Docker is, why it's trending and how to secure it.

In this course you'll learn from what are the best practices to protect images you build or images you download from the internet and how to run them safely. This is just the starting point, but without dobts it's a very important one.

The path to master Docker security starts here, with rock solid fundamentals from Anderson Dadario, a product security engineer with a decade of experience in software development and software security.

What's the ideal audience for this course?

The Docker Security Fundamentals course is focused on security analysts and systems engineers that want to know about the popular technology named Docker and or want to enhance their knowledge regarding Docker security.

Course Requirements

Be familiar with Linux. The Docker installation process isn't covered in the course and in case you want to reproduce all demonstrations, please follow the official documentation to install Docker.

What are you going to get out of this course?

Understand what is Docker

Understand how Docker works

Understand how security can be applied to Docker

Understand Docker Daemon protections

Understand Docker Image protections

Understand Docker Container protections

Be ready to dive deep in Docker

Curriculum

Section 1: Course Prologue

[Lecture #1] Introduction 00:59

Section 2: Docker Overview

[Lecture #2] What is Docker? 03:32

What is Docker? [Lecture #3] How a container is born 13:47

How a container is born [Lecture #4] Docker Compose: in case you wanna go beyond 01:40

Docker Compose: in case you wanna go beyond [Lecture #5] Docker Security Overview 03:00

Section 3: Docker Daemon Security

[Lecture #6] Keep Docker up-to-date 02:00

Keep Docker up-to-date [Lecture #7] Harden Docker Daemon 01:59

Section 4: Docker Image Security

[Lecture #8] Don't put sensitive files in your images 10:30

Don't put sensitive files in your images [Lecture #9] Audit Dockerfiles 05:32

Audit Dockerfiles [Lecture #10] Avoid images without Dockerfile 02:55

Avoid images without Dockerfile [Lecture #11] Only install images you trust 02:08

Only install images you trust [Lecture #12] Run security scanners on images 02:03

Section 5: Docker Container Security

[Lecture #13] Don't run containers as root 10:45

Don't run containers as root [Lecture #14] Reduce container capabilities 03:24

Reduce container capabilities [Lecture #15] Limit container usage 01:14

Limit container usage [Lecture #16] Choose the right network 05:42

Choose the right network [Lecture #17] Consider using a Container Security Platform 03:41

Consider using a Container Security Platform [Lecture #18] Additional Protections 03:03

Section 6: Course Epilogue