Doctor Docker: Building Your Infrastructure's Immune System

Presented at BSidesDC 2014, Oct. 19, 2014, 1:30 p.m. (50 minutes).

As hardware is being demoted, the ‘stack’ and PaaS are becoming software. It brings up the question: how can security folks use this to our advantage? We want to show applications built with Docker containers and apply them to the same security challenges seen in more traditional environments. Why should developers have all the fun?


Presenters:

  • Patrick Cooley - Application Security Consultant at nVisium
    Patrick Cooley is an application security consultant for nVisium where he helps our clients assess web vulnerabilities in their critical applications. Patrick has spent the past decade of his professional career in web development and managing enterprise IT infrastructures. He also previously worked as a professionally trained pyro-technician lighting up the Chicago skyline before deciding to follow his passion of application security. Outside of the office, Patrick can be found designing and hacking on digital and analog electronics.
  • Mike McCabe - Director of Profession Services at nVisium
    Mike is nVisium’s Director of Professional Services with nearly a decade of experience with securing web and mobile applications. Mike specializes in iOS, Android, Ruby on Rails, and Java security from both a penetration testing and source code review perspective. His deep understanding of software development allows him to clearly articulate issues to developers and to help prioritize remediation efforts. He regularly contributes to OWASP and the open source community. Mike does not back down from a challenge, and performs deep research into emerging programming languages and frameworks such as Scala, Node.js, and Clojure in order to remain one step ahead of threats.

Links:

Similar Presentations: