Current security solutions that worked in the VM age aren't adequate anymore to securing our workloads in containers, or their delivery to our environments. How do you deal with patch management, virus scans, vulnerability management, secure application delivery in a containerized world. More and more companies are required to secure their data due to regulations, while more and more companies are being compromised too. This lab will walk through how to secure the delivery pipeline system, and how to secure your containers during runtime. We'll start by focusing on the container build process and how to simplify patch management for containers; also, container security scanning and how to know if your container is void of malicious code and vulnerabilities. We'll then move on to registries, how to create an environment that developers can use in their workflow and how to secure that for production ready containers. Finally we'll focus on runtime, how to make sure our containers are doing what they're supposed to do, and not what they shouldn't be doing. There isn't any reason to be afraid of adapting a containerized solution because of security. You can be secure and use a containerized workflow too. This will be using all open source solutions, you'll be able to see how the world of security continues to improve with open source.
