
Container Escapes 101
Welcome to Container Escapes 101 at the AppSec Village at DEF CON 33!! 🎯 Goal: to have a working knowledge of container escapes and how each security measure or risk maps to potential for exploit...
What capabilities do I have? Capabilities define what a process is allowed to do. Instead of an all-or-nothing approach of either being root with all the permissions or a user with nothing, capab...
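A worked example of the question the teaser asks, added here rather than taken from the post: the kernel reports a process's capability sets in /proc/self/status as hex bitmasks (CapInh, CapPrm, CapEff, CapBnd, CapAmb), so "what can I do in here?" is a matter of decoding that mask. The capability numbering is the kernel's own (include/uapi/linux/capability.h); the ESCAPE_RELEVANT shortlist and the sample status text are this example's constructions, and the Docker default mask is only assumed to be the one shown.

```python
"""Decode the capability masks /proc/self/status reports.

Added example for this page, not code from the original post. Capability
numbers follow the kernel's include/uapi/linux/capability.h; the
ESCAPE_RELEVANT set below is this example's own shortlist, not a list the
page gives.
"""
import re

# Index in this list == capability number (CAP_CHOWN is bit 0).
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
    "CAP_MAC_OVERRIDE", "CAP_MAC_ADMIN", "CAP_SYSLOG", "CAP_WAKE_ALARM",
    "CAP_BLOCK_SUSPEND", "CAP_AUDIT_READ", "CAP_PERFMON", "CAP_BPF",
    "CAP_CHECKPOINT_RESTORE",
]

# Capabilities that commonly turn "I have a shell in a container" into
# "I can reach the host". Editorial shortlist for this example.
ESCAPE_RELEVANT = {
    "CAP_SYS_ADMIN",        # mount(), namespace/cgroup manipulation
    "CAP_SYS_MODULE",       # load a kernel module into the shared kernel
    "CAP_SYS_PTRACE",       # trace other processes (host ones, if PID ns is shared)
    "CAP_SYS_RAWIO",        # raw access to block devices and ports
    "CAP_DAC_READ_SEARCH",  # open_by_handle_at() against host filesystems
    "CAP_NET_ADMIN",        # reconfigure networking / iptables
}

# Assumed Docker default effective set (what `docker run` gives a root process).
DOCKER_DEFAULT_MASK = "00000000a80425fb"


def decode_caps(mask_hex: str) -> list[str]:
    """Turn a hex mask like '00000000a80425fb' into capability names."""
    mask = int(mask_hex, 16)
    names = []
    for bit in range(mask.bit_length()):
        if (mask >> bit) & 1:
            # Bits beyond our table mean a newer kernel than this list knows.
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
    return names


def parse_status(text: str) -> dict[str, list[str]]:
    """Extract every Cap* line from /proc/<pid>/status text."""
    caps = {}
    for m in re.finditer(r"^(Cap(?:Inh|Prm|Eff|Bnd|Amb)):\s*([0-9a-fA-F]+)", text, re.M):
        caps[m.group(1)] = decode_caps(m.group(2))
    return caps


def risky(names) -> list[str]:
    """Which of the given capabilities are on the escape-relevant shortlist."""
    return sorted(set(names) & ESCAPE_RELEVANT)


def beyond_docker_default(names) -> list[str]:
    """What a --cap-add / --privileged run granted on top of the default set."""
    return sorted(set(names) - set(decode_caps(DOCKER_DEFAULT_MASK)))


# Constructed sample: the Cap* lines a default `docker run` root shell shows.
SAMPLE_STATUS = (
    "Name:\tsh\nUid:\t0\t0\t0\t0\n"
    "CapInh:\t0000000000000000\nCapPrm:\t00000000a80425fb\n"
    "CapEff:\t00000000a80425fb\nCapBnd:\t00000000a80425fb\n"
    "CapAmb:\t0000000000000000\n"
)

if __name__ == "__main__":
    try:
        with open("/proc/self/status") as f:
            status = f.read()
    except OSError:  # not on Linux: fall back to the constructed sample
        status = SAMPLE_STATUS
    caps = parse_status(status)
    for name, have in caps.items():
        print(f"{name}: {len(have)} caps, risky={risky(have)}")
    print("beyond Docker default:", beyond_docker_default(caps.get("CapEff", [])))
```

Inside a container this replaces `grep Cap /proc/self/status` followed by `capsh --decode=<mask>`, which is handy in minimal images that ship no capsh. The useful signal is the CapBnd line as much as CapEff: a process that dropped privileges can still gain anything left in the bounding set through a setuid binary or file capabilities.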
Our shared kernel One of the fundamental tenets of containers is that they’re a process that shares a kernel’s resources. It is not a virtual machine. Let’s try something together … $ docker r...
To start, let’s get an idea of how isolated we really are. Let’s run a few popular containers with a shell. We want to determine who we are inside our container, not outside of it (yet). This in...
This is dedicated to the person who asked me about this after a conference talk earlier this summer. Having found a great build job script injection to a privilege escalation … there was nothing e...
When you run docker pull image it 🪄 magically 🪄 pulls the right architecture. Right? Hi, I’m Natalie - the technical lead for public sector at Chainguard. As noted earlier, we use Sigstore a lot! ...
The rise of software supply chain attacks, strengthened security requirements of compliance frameworks, and the speed and complexity of software development have all driven the need for enterprise ...
One of the most common (and sneaky) misconceptions I run across talking to folks using containers is what even is a container? It seems like we’re slinging around little appliances or little VMs. T...
“Let’s move to containers” promised engineering simplicity, security, and easy scaling … but there was a catch. 🙊 The simplicity and security gains were only true if containers were used as intend...
I have a very bad habit to confess. 😇 I pin my third-party GitHub Actions to a SHA.1 😇 This ensures that a specific commit is running every time. It’s widely considered a security best practice ...