Securing the container runtime environment
Securing the container runtime environment can be a tricky challenge. With more control and decision criteria pushed to development teams, how can security teams ensure that what’s running on container platforms isn’t exposing your platform and applications to attack. In this workshop we will talk about Sysdig Falco, an open source project for container runtime security, and show how to configure Falco to detect abnormal behavior in container platforms. We will walk through exploiting an application, and then show how to write Falco rules to mitigate an attack. We will also walk through how Falco can help with forensics and incident response. Attendees will leave with a strong understanding of the challenges of runtime security, and how Falco can solve those problems.