Attackers and Defenders Strategies for Containers Security



The goal of this training programme is to provide a fundamental understanding of container and kubernetes security through hands-on experience.

The course is aimed not just at red/blue team members, but also at students and professionals who are just starting out in the container security.

We’d start with the fundamentals of containers before moving on to specific lab sessions on hacking and defending containers. Real world scenarios would be the focus of this training.

Attendees would be interacting using a dedicated slack channel and post training we would be provided the detailed guide of the lab sessions

Following topics will be covered during the session:

  1. Introduction to Containers/Kubernetes
    • Importance of Containers Security
    • Understanding Architecture
    • Brief on lab set up
    • Lab 01: Spinning up containers
  2. Defenders Strategies
    • Lab 02: Hardcoded Sensitive information
    • Lab 03: Overview CIS Benchmarks
    • Lab 04: Identifying vulnerable packages
    • Lab 05: Diving into Container layers
    • Lab 06: Container Network Security
    • Lab 07: Image integrity check
    • Lab 08: Security Visibility through Logging and Monitoring
  3. Attackers Strategies
    • Lab 09: Dangling container volumes
    • Lab 10: Exploiting Insecure Docker configurations
    • Lab 11: Kernel module to escape the container and get a reverse shell
    • Lab 12: Container Breakout
  4. Attacking defending Using the MITRE ATT&CK techniques for Containers
  5. Mind maps for Container security


  1. Passionate towards Infosec
  2. Basics of Linux

Trainees should bring

  1. Laptop with minimum 30 GB Hard Disk Space & 6+GB RAM
  2. Updated Virtual-box installed (with Ubuntu image)

Key Takeaways

  1. Ton of additional resources for attacking and defending containers
  2. Slack channel for coordination and query resolution
  3. Detailed step by step guide for all lab exercises

About Trainer

Sartaj(@Sartaj2103) is a Microsoft Certified Trainer and Azure Security Specialist with 10+ years of experience as a developer, pentester, CTF player, and security adviser. He is really enthusiastic about information security. He has been associated with Nullcon, Defcon Blue Team Village, Winja. Sartaj has also given sessions at the OWASP Hyderabad Chapter and the Null Hyderabad Chapter.