Docker Docker

Don’t have a Meltdown! Practical Steps for Defending Your Apps

Security is a key concern for application developers and operations teams, as well as security professionals. Have I done enough? What do I need to do in the face of new threats like Meltdown and Spectre? What happens when the next big issue comes along? What should my priorities be? How do containers help?

In this talk we’ll demonstrate some common attacks live, and show how you can effectively defend your container deployment against them, using a combination of best practices, configuration, and tools.

Taking inspiration from highlights of the OWASP Top 10, and other high profile exploits and attacks, in this talk we will look at risks and preventative measures related to:

- authentication
- injection
- updates
- sensitive data
- configuration

By the end of the talk you should understand the most important security risks in your applications, and how to go about mitigating them.

Liz Rice, Aqua Security
Justin Cormack, Docker

Presentation slides: https://www.slideshare.net/Docker/dont-have-a-meltdown