✓ Save up to 892€
✓ Transformation day for free
✓ Raspberry Pi or Arduino for free
✓ Sparen Sie bis zu 892 €
✓ Transformation Day gratis
✓ Raspberry Pi oder Arduino gratis
Not all containers are trustworthy – and even those you build yourself can be hacked. Malicious software might be included in the images, or downloaded into the container at runtime. While generic containers should keep the bad guys contained (hence, the name) it is possible to further improve security by limiting which system calls a container may execute. In this talk we’ll explain what system calls are, exactly how to filter them with Kubernetes and Docker, and how doing so improves security.