Linux and Container Security in Industrial Systems

Hands-on exploitation and security assessment of real-life vulnerabilities in containers and Linux-based systems

Name	SBA Research Cookie
Provider	SBA Research
Purpose	Saves the settings of the visitors selected in the cookie box.
Cookie name	sba-research-cookie
Cookie runtime	1 year

Name	YouTube
Provider	YouTube
Purpose	Used to unblock YouTube content.
Privacy policy	https://policies.google.com/privacy
Host(s)	google.com
Cookie name	NID
Cookie runtime	6 months

Name	Vimeo
Provider	Vimeo
Purpose	Used to unblock Vimeo content.
Privacy policy	https://vimeo.com/privacy
Host(s)	player.vimeo.com
Cookie name	vuid
Cookie runtime	2 years

Linux internals and security configurations
Secure configurations in container systems
Integrations of Linux in embedded systems and necessary hardening
State-of-the-art eBPF programs for detection and protection

Kursdauer: 3 Tage

TeilnehmerInnenanzahl: 12 Personen

Sprachen: Deutsch, Englisch

Inhouse (ab 4 Personen)

Gruppen-Buchungen / Inhouse ab 4 Personen
Schulungsort: SBA Research oder bei Ihnen im Unternehmen
Termine: individuelle Vereinbarung
Vertraulicher Austausch innerhalb des Unternehmens
Lösungsfindung für spezifische Problemstellungen
Diskussion Unternehmensspezifischer Fragestellungen

This hands-on security course explores attacks in modern Linux systems, focusing on container environments such as Docker in cyber-physical systems (industrial, automotive). The participants learn about building blocks of containers, how attack container systems from the inside and outside, as well as defenses. The acquired skills can be applied in the following scenarios:

Assess the security of containerized applications and software deployments
Create defense guidelines for deployed applications and understand their weaknesses
Find vulnerabilities in Linux-based containers and create exploits
Identify supply chain vulnerabilities in container images

This training is a three-day training structured as follows:

Day 1: Linux and Containers

Introduction into container security and first breakout
Attacks via mounted filesystems and Volumes
Container Runtime Interface (CRI) and Capabilities
Image forensics (layers and metadata) SBOM

Day 2: Network and Runtime

Container networks
Lateral movement in container networks
Container Network Interface (CNI) and Network Plugins
Introduction into eBPF
eBPF for Linux and container networking

Day 3: Devices and eBPF

DAC/MAC (App-Armor) in containers
Rootless containers
Devices and device access (breakouts)
eBPF for device control
Ethernet, SPI, CAN

The following theoretical and practical background is covered by the workshop:

Kernel internals: Namespaces, Control Groups v2, syscall interface, Application Binary Interface
Virtual Networking: Container Network Interface (CNI), Network Namespace, Network Plugins
Container Images: image meta data, forensic disassembly, Secrets in images
Permissions and Capabilities; Discretionary Access Control (DAC) vs Mandatory Access (MAC)

State-of-the-art technology, such as eBPF is presented and how modern detection systems use the kernel to identify attackers in Linux and container systems.

Hinweis:

The training takes place in a hosted environment.

Photo credit: ChatGPT.

Cloud software engineers
Site reliability engineers
Dev(Sec)Ops & platform engineers
Security engineers
Cloud architects

Systemadmins
SoftwareentwicklerInnen
IngenieurInnen
SoftwaretesterInnen
Incident Response Team Members
Software-ArchitektInnen
CTOs
Security Champions
Developers
Software Security Engineers

Linux and Container Security in Industrial Systems

Hands-on exploitation and security assessment of real-life vulnerabilities in containers and Linux-based systems

Consulting Area

Ihr Ansprechpartner

Weitere Professional Services

Privacy settings

Linux and Container Security in Industrial Systems

Hands-on exploitation and security assessment of real-life vulnerabilities in containers and Linux-based systems

Ihr Ansprechpartner

Weitere Professional Services