finelybook
Container Security: Fundamental Technology Concepts that Protect Containerized Applications
by 作者: Liz Rice
pages 页数: 200 pages
Publisher Finelybook 出版社: O'Reilly Media; 1 edition (April 21,2020)
Language 语言: English
ISBN-10 书号: 1492056707
ISBN-13 书号: 9781492056706
Book Description
To facilitate scalability and resilience,many organizations now run applications in cloud native environments using containers and orchestration. But how do you know if the deployment is secure? This practical book examines key underlying technologies to help developers,operators,and security professionals assess security risks and determine appropriate solutions.
Author Liz Rice,VP of open source engineering at Aqua Security,looks at how the building blocks commonly used in container-based systems are constructed in Linux. You’ll understand what’s happening when you deploy containers and learn how to assess potential security risks that could affect your deployments. If you run container applications with kubectl or docker and use Linux command-line tools such as ps and grep,you’re ready to get started.
Explore attack vectors that affect container deployments
Dive into the Linux constructs that underpin containers
Examine measures for hardening containers
Understand how misconfigurations can compromise container isolation
Learn best practices for building container images
Identify container images that have known software vulnerabilities
Leverage secure connections between containers
Use security tooling to prevent attacks on your deployment
'Preface
1. Container Security Threats
2. Linux System Calls,Permissions,and Capabilities
3. Control Groups
4. Container Isolation
5. Virtual Machines
6. Container Images
7. Software Vulnerabilities in lmages
8. Strengthening Container Isolation
9. Breaking Container lsolation
10. Container Network Security
11. Securely Connecting Components with TLS
12. Passing Secrets to Containers
13. Container Runtime Protection
14. Containers and the OWASP Top 10
Conclusions
Security Checklist
Index
