Three years of lessons from running potentially malicious code inside containers
For the past three years, Katacoda has been providing an online learning and training environment for cloud-native technologies. The live environments for Docker, Kubernetes and other Cloud-Native technologies are accessible via the browser without any downloads or configuration enabling users to explore and experiment with complete systems.
A side effect is that users can, and have, execute malicious code and attempted to hack the system from inside the container.
In this talk, Ben will share the lessons learned of building Katacoda and some of the interesting stories and security attempts from the past three years.
This talk will give insight into:
- Out of the box security with Docker and Kubernetes
- Docker and Linux security issues
- Monitoring for malicious activity
- What happens when it all goes wrong
In the end, attendees will learn different approaches they can take to secure their own systems and be prepared for potential attacks they might face.