Amiran Alavidze
Amiran is a passionate product security professional with over 20 years of technology experience in a variety of roles, such as systems engineering, security operations, GRC, and product and application security. As a security engineering leader, Amiran is advocating a pragmatic approach to security where partnership between security, builder, and platform teams result in security becoming a business enabler. An avid supporter of the local security community, Amiran is involved with OWASP Vancouver chapter and DC604 DEFCON group.
2024 Talk
Talk Title: Containers Uncontained
Talk Abstract:
Docker security mistakes I made so you don’t have to!
Containers are often used as an isolation mechanism to either run unsecured workloads (i.e. isolate them from hostile external environments) or increase security of questionable workloads (i.e. “I don’t fully trust this, so I’ll keep it separate”). When doing so, we need to keep in mind that strong security isolation was not a design objective for containers. There are severe limits to the provided isolation and also unexpected ways to break the isolation completely through misconfiguration.
In this blue team focused talk we will review critical Docker security (mis-)configurations I’ve seen in the wild. We will consider WHY they are dangerous (there will be demos!) and HOW to fix them.
The talk is focused on intended (albeit dangerous) functionality, there will be no 0-days. Also, container orchestration technologies will not be covered - a lot of presented scenarios would be applicable, but there is additional attack surface not considered in this talk.