Jose Manuel Ortega
@ Freelance
My career has been focused from the beginning to specialize in application security. My strengths live on at the technical level by the type of training that I have received in recent years and the projects where I have worked. In recent years Im interesting in mobile applications development, especially on android platform and integrating with other languages like scala or python. At this moment I am working as business logic developer and my functions in the project are analysis, coding and testing.With the help of software architecture developer, also performance roles in the presentation and backend layer.
Talks
| 2017 | Testing Docker Security |
|---|---|
|
45'
|
Docker is a great technology that allows developers to build and deploy the infrastructure of an application in one source code image, but, security is one of the biggest challenges. In this talk, we present the best practices and lessons learned of security reviews on docker images deployments.
These could be the main talking points:
1-Introduction to docker security ecosystem,examining the main parts of a docker application.
2-Tools for auditing docker images for detecting vulnerabilities like docker-bench-security and lynis
The target of these tools is detect potential vulnerabilities in docker images/containers and to monitor running docker containers for detecting anomalous activities.
3- Other tools for testing the security of a docker container.
We can use tools such as Jenkins/TravisCI for automated testing, and Coveralls to ensure all lines of code inside docker image are tested.
4-Security best-practices around deploying Docker containers in production.
|
