Learn Docker Security using Interactive Browser-Based Labs

By Ben Hall

Understand real world patterns and approaches in a live environment without any downloads or configuration

Get Started!

Scenarios Completed
Progress
Points
0 of 10
0%
0
Create Your Free Account
SCENARIO 1

Hack ElasticSearch container

Learn how to use application exploits to gain access to a container

Start Scenario
SCENARIO 2

CGroups and Namespaces

Learn how cgroups and namespaces limit what a container can do

Start Scenario
SCENARIO 3

Introduction to Seccomp

Learn how to use Seccomp to restrict syscalls

Start Scenario
SCENARIO 4

Use No New Priviledges flag to restrict additional access

Learn how to restrict applications with correct flags gaining root access

Start Scenario
SCENARIO 5

User Namespaces

Learn how to change root account via user namespaces

Start Scenario
SCENARIO 6

Generate AppArmor profiles using Bane

Learn how Bane can be used to generate AppArmor profiles

Start Scenario
SCENARIO 7

Ignoring Files From Docker Build

Learn how to ignore files being sent to the Docker Build Context or included in an image

Start Scenario
SCENARIO 8

Access .ssh keys during Docker build

Dockito OnVault provides access to .ssh keys without them being stored in the image

Start Scenario
SCENARIO 9

Store Secrets using Hashicorp Vault

Learn how to store and manage secrets using Hashicorp Vault

Start Scenario
SCENARIO 10

Read Vault Secrets from Containers

Learn how to read secrets from Hashicorp Vault from inside Docker Containers using Volume Drivers

Start Scenario