Container Security Monitoring using Open Source - All Day DevOps 2018

Madhu Akula
October 19, 2018

The world is advancing towards accelerated deployments using DevOps and cloud native technologies. In this talk we will see how to monitor for security events using open source solutions to build an actionable monitoring system for Docker and Kubernetes.

Transcript

  2. About Me

  3. What we are going to learn

  4. Importance of container security monitoring

  5. Importance of container security monitoring

  6. Why use container security monitoring?

  7. Container security monitoring

  8. How to do container security monitoring

  9. How to do container security monitoring

  10. Simple and quick way to look at logs

  11. docker events example

  12. docker logs example

  13. kubectl logs example

  14. Container integrity checks example

  15. System level monitoring using cAdvisor

  16. What about security specific monitoring?

  17. Why Sysdig Falco?

  18. Why Sysdig Falco?

  19. DEMO - Introducing Sysdig Falco
    https://youtu.be/A41bAUzvym0

  20. Automated defense for container security

  21. Automated defense infrastructure setup

  22. Automated defense infrastructure setup

  23. DEMO - Automated defense
    https://youtu.be/zd0ksjZI5Vk

  24. What just happened?

  25. Use cases

  26. Want to try it yourself in a browser?
    https://www.katacoda.com/sysdig/scenarios/sysdig-falco

  27. Credits and acknowledgements

  28. References and resources
    • https://www.katacoda.com

  29. Thank You Sponsors

  30. Thank You Supporters

  31. Meet Me in the Slack Channel for Q&A

  32. Thank You
    @madhuakula | @appseccouk