back to overview
DOCKER, DEVOPS & SECURITY IN ENTERPRISE
DELIVERY: CLASSROOM // DURATION: 3 DAYS
Docker, Microservices, Kubernetes, DevOps, Continuous Integration/ Deployment/Delivery, Container – all of those terms heavily dominate modern application development teams and processes. This course will explain all of the mentioned terms and focus on the following main questions:
  • How strong and reliable are the isolation capabilities of Docker/Linux/OS containers?
  • How do containers affect typical application and network architectures?
  • Which changes are introduced by the CI/CD/Microservice paradigm into traditional development environments?
  • How does a typical CI/CD pipeline look?
  • How can ”security“ be integrated into these new development/architecture paradigms?
  • What additional attack surface and security challenges are introduced by the changed development landscape and additional tools?
All agenda topics will be supported by practical exercises and/or demos. At the end of the course, each attendee will have an automated environment where code changes can be deployed to staged hosting environments while being covered by various functional and/or security-related tests. The attendees will also know the concept behind the main buzzwords and tools described above and understand how they impact application architectures, development, and security posture.

 

LEARNING OBJECTIVES
IT Security Professionals who want to
  • Understand the technology behind the recent and common buzzwords listed above
  • Be able to evaluate the isolation capabilities of container solutions
  • Get ideas on how to integrate security into typical DevOps environments and continuous workflows
Software Architects and Developers who want to
  • Learn about potential security vulnerabilities in common practices and tools
  • Understand the concerns of the security people
  • Improve their development chain by adding automated security checks
  • Due to the large amount of tools and technologies, this training will not be able to cover security aspects of every single technology in detail. However, we’re happy to receive specific questions before the course begins to potentially prepare additional material and you will get an overview of how to approach unknown/new technologies from a security perspective
 
TARGET AUDIENCE
IT security professionals, software architects and developers
 
Course Content
Day 1, DevOps Technology Basics:
  • What are DevOps & Microservices?
  • Competitors / Technology overview (Docker, rkt, LXC, Windows Containers)
  • Docker Ecosystem Overview (Docker Engine, containerd, runC, OCI)
  • Docker Management
  • Container & Images:
    • Tagging
    • Docker build process
    • Docker run process
    • Dockerfile
    • LayerFS
    • Volumes
  • Basic Networking
  • Docker Compose: File reference and structure
    • Docker Compose Services
  • Docker Machine
  • Docker Registries (Docker Registry, Nexus, Artifactory, et. al.)
  • Docker Swarm: Overlay & Advanced Networking
    • Application Stacks
    • Rolling Upgrades
  • Persistence Approaches
  • Monitoring + Logging
Day 2, Container Management & Security
  • Container Management Solutions Overview: Marathon/Mesos/DC/OS
    • Rancher/ Cattle / RancherOS
      • CoreOS
      • PhotonOS
      • Kubernetes
      • OpenShift
  • Kubernetes Architecture: Cluster Management Mechanisms
    • Network Plugin Infrastructure
    • Detailed Overview of Contrail/Calico/Canal/Flannel
    • OpenVSwitch
    • Weave
  • Security Analysis, Attack surface and known attacks for: OS Container in general
    • Docker & Docker Swarm
    • Kubernetes
  • Hardening (including attack surface reduction, secure management, access control) of: Linux Containers
    • Docker Swarm
    • Kubernetes
Day 3, Security Archtecture & Integration
  • Security and Sample Architecture of: Docker Swarm
    • Kubernetes
    • Supporting components (such as Registries and Distributed Configuration Management Systems)
  • Integration of Security into agile/DevOps development and deployment processes: Governance Secrets
    • Management
    • Container Vulnerability Management
    • Architecture Analysis
    • Continuous Integration/Deployment pipelines
 
PRE-REQUISITE FOR COURSE REGISTRATION
The attendees should have basic knowledge of the Linux bash and a command line-based text editor (e.g. nano or vim), a system with WLAN and an SSH client (i.e. PuTTY) which is able to connect via SSH to systems in the Internet. For the exercises, we provide the needed infrastructure in a cloud environment which the attendees can connect to via SSH.

Upcoming Session

Dates Location Language Registration fee (plus VAT)
Jul 15 - 17, 2019 ISH Campus Munich Airport German 2490€
Aug 26 - 28, 2019 ISH Campus Munich Airport German 2490€

FAQs

How to get to the ISH Campus?

Address: Südallee 1 85326 Munich, Germany
Phone: +49 (0)89 975 32275

Mit dem Auto- von der A92/München

Orientieren Sie sich an der Beschilderung “Frachtgebaude” unde verlassen Sie die Autobahn. Folgen Sie der Straße nach rechts, Sie überqueren auf der Brücke die S-Bahn Linie. Biegen Sie bei der nächsten Möglichkeitne rechts ab un folgen dem Straßenverlauf über eine langgezogene Rechtsverurve. Fogen Sie der Straße weiterhin bis Sie links abbiegen können. Biegen Sie links ab. Zu Ihrer Rechten erreichen Sie die “Luftpostleitstelle”.

By car - from the A92 / Munich

Follow the signs “Frachtgebaude” and leave the motorway. Follow the road to the right and cross the S-Bahn line on the bridge. At the next opportunity, turn right and follow the road over a long right turn. Continue to follow the street until you can turn left. Turn left. On your right you will reach the “Luftpostleitstelle”.

Mit der S-Bahn / dem Flugzeug

Steigen Sie in die S-Bahn-Linie S8 oder S1 und fahren Sie bis zum “Besucherpark”. Verlassen Sie in die S-Bahn-Station in Richtung Flight- Operations-Center (FOC/Lufthanasa) und folgen Sie am Ende der Treppen nach unten der Straße zu Ihrer Linken bis zum Ende der “Frachtgebäide”. Gehen Sie weiter gerade aus und folgen Sie der Straße nach rechts. Am Ende dieser Straße erreichen Sie die “Luftpostleitstelle”.

By S-Bahn / airplane

Get on the S-Bahn line S8 or S1 and drive to the “Besucherpark”. Exit the S-Bahn station towards the Flight-Operations-Center (FOC / Lufthanasa) and at the bottom of the stairs, follow the road to the left to the end of the “Frachtgebäide”. Continue straight ahead and follow the road to the right. At the end of this street you reach the “Luftpostleitstelle”.

Are events and trainings in English or in German?

Since we want to provide the best trainings and events for “Securing the Global future” we offer our programs in both English and German. You can tell which language the training or event is in by which flag icon is listed next to the title. A British flag for English or the German flag for Deutsch.

Where can I check my ticket order?

You can always check or make changes to your ticket order by using the link in the email you received after you completed your booking. If you don’t have this link anymore, you can request a new mail through our ticketshop.

What hotels are in the area?

While there are a wide range of hotels around the airport we have personally stay at both the Hilton and Hotel Novotel, and find them to be very nice and accommodating.

Hilton Munich Airport

Address: Terminalstraße Mitte 20, 85356 München-Flughafen
Phone: +49 (0)89 97820

Hotel Novotel

Address: Nordallee 29, 85356 München Phone: +49 (0)89 9705130

I have further questions and would like to speak to someone in person, who do I call?

Yes, you can email us at info@infosec-hub.de or call us at +49 89 975 32275. We are fluent in English or German.