Container Security Monitoring using Open Source - All Day DevOps 2018

The world is advancing towards accelerated deployments using DevOps and cloud native technologies. In this talk we will see how to monitor for security events using open source solutions to build an actionable monitoring system for Docker and Kubernetes.

Madhu Akula

October 19, 2018

Transcript

  1. About Me
  2. What we are going to learn
  3. Importance of container security monitoring
  4. Importance of container security monitoring
  5. Why use container security monitoring?
  6. Container security monitoring
  7. How to do container security monitoring
  8. How to do container security monitoring
  9. Simple and quick way to look at logs
  10. docker events example
  11. docker logs example
  12. kubectl logs example
  13. Container integrity checks example
  14. System level monitoring using cAdvisor
  15. What about security specific monitoring?
  16. Why Sysdig Falco?
  17. Why Sysdig Falco?
  18. DEMO - Introducing Sysdig Falco
    https://youtu.be/A41bAUzvym0
  19. Automated defense for container security
  20. Automated defense infrastructure setup
  21. Automated defense infrastructure setup
  22. DEMO - Automated defense
    https://youtu.be/zd0ksjZI5Vk
  23. What just happened?
  24. Use cases
  25. Want to try it yourself in a browser?
    https://www.katacoda.com/sysdig/scenarios/sysdig-falco
  26. Credits and acknowledgements
  27. References and resources
    • https://www.katacoda.com
  28. Thank You Sponsors
  29. Thank You Supporters
  30. Meet Me in the Slack Channel for Q&A
  31. Thank You
    @madhuakula | @appseccouk