Summary we45 Container Container Tech Deep-Dive Union Mount File System Network Namespace Intro to Docker Analysing Docker Layers Container Attacks Authentication Attacks against Host Docker Daemon Direct Access Docker Daemon Configuration Host Network Configuration Vulnerable Libraries - ShellShock Denial of Service Container Security Deep-Dive Limiting Docker Capabilities Container Security Mitigations Trusted Image(s) Docker Monitoring Resource Management Container Vulnerability Assessment Clair Dagda Docker-bench Anchore Container Orchestrators Docker Compose Kubernetes Kubernetes - Attacking A Cluster Cluster Attack Kubernetes - Role Based Access Control Role Based Access Control Kubernetes - Pod Security Policy Pod Security Policy Kubernetes - Resource Quota Resource Quota Kubernetes - Sealed Secrets KubeSeal - Sealed Secrets Kubernetes - Vulnerability Assessment Kube-Sec Kube-Bench Kube-Hunter Kubernetes - Monitoring and Logging Prometheus + Grafana Sysdig Falco Serverless Function Data Event Injection Event-Injection-S3 Server Side Template Injection Broken Access Control None Signed Token Algorithm Confusion None Unique Value IAM Function Privilage Management Permission Flaw SAST Bandit NodeJsScan SCA NPPM AUDIT Safety CTF