Container forensics workshop

DevSecCon Singapore 2018 Speaker
23 Feb 2018
15:15 - 17:15
Workshop | Rosewood Room

SSHing into a container for troubleshooting or burdening it with additional monitoring tools is kind of an anti-pattern. But… you still want to have full control, traceability and visibility, right? Containers are highly volatile, so how can you do this if your container doesn’t exist anymore?

You probably already know Sysdig and how it uses Linux tracepoints to collect, process and filter kernel system calls and events. Still, this requires deep knowledge of a tcpdump-like filtering syntax and an understanding of the syscalls involved.

What if you could analyze system calls with an open source graphical user interface that lets you correlate high-level activities like containers, processes, network or file I/O, and commands or logs? Let’s meet Sysdig Inspect and make our deep dive into system calls much more intuitive and visual.
