Container Security: Fundamental Technology Concepts that Protect Containerized Applications
Original price was: $55.99.$30.99Current price is: $30.99.
Price: $55.99 - $30.99
(as of Oct 23, 2024 11:52:35 UTC – Details)
To facilitate scalability and resilience, many organizations now run applications in cloud native environments using containers and orchestration. But how do you know if the deployment is secure? This practical book examines key underlying technologies to help developers, operators, and security professionals assess security risks and determine appropriate solutions.
Author Liz Rice, Chief Open Source Officer at Isovalent, looks at how the building blocks commonly used in container-based systems are constructed in Linux. You’ll understand what’s happening when you deploy containers and learn how to assess potential security risks that could affect your deployments. If you run container applications with kubectl or docker and use Linux command-line tools such as ps and grep, you’re ready to get started.
Explore attack vectors that affect container deployments Dive into the Linux constructs that underpin containers Examine measures for hardening containers Understand how misconfigurations can compromise container isolation Learn best practices for building container images Identify container images that have known software vulnerabilities Leverage secure connections between containers Use security tooling to prevent attacks on your deployment
From the brand
Your partner in learning
Sharing the knowledge of experts
O’Reilly’s mission is to change the world by sharing the knowledge of innovators. For over 40 years, we’ve inspired companies and individuals to do new things (and do them better) by providing the skills and understanding that are necessary for success.
Our customers are hungry to build the innovations that propel the world forward. And we help them do just that.
Publisher : O’Reilly Media; 1st edition (May 12, 2020)
Language : English
Paperback : 198 pages
ISBN-10 : 1492056707
ISBN-13 : 978-1492056706
Item Weight : 2.31 pounds
Dimensions : 7 x 0.42 x 9.19 inches
Customers say
Customers find the book great for explaining the basics of containers. They say it provides enough detail at sufficient depth to provide an understanding of container security. Readers also mention the book is practical and provides clear examples.
AI-generated from the text of customer reviews
13 reviews for Container Security: Fundamental Technology Concepts that Protect Containerized Applications
Add a review
You must be logged in to post a review.
Original price was: $55.99.$30.99Current price is: $30.99.
M. Landron –
Container Security Distilled
Don’t hesitate to purchase this book if you want to quickly learn how to secure container containers. Liz does a great job of explaining relevant security concepts well without belaboring them and she provides enough detail at sufficient depth to provide you with a level of understanding that you may not get from the material you curate yourself. In a nutshell, she arms you with the information you need to have well informed, risk-based discussions with your platform and software engineers about how to optimally secure containerized services. The book is and will remain relevant for quite some time.
Anonymous –
Great Book on Fundamentals for Container Security
The book is well written, with clear examples. Great information on security fundamentals for containers.
Edison Esteban Pizarro Godoy –
Bad paper quality, haven’t read the book yet.
Bad paper quality, haven’t read the book yet.
Burnt Sage –
Best book on containers
Don’t want to leave an exaggerated review, but any developer knows how difficult it is to find books that bridge the divide between high-level promotional ‘documentation’ and underlying implementation. This is the best book I’ve read on the internal implementation of containers: cgroups, namespaces, and the other underlying linux constructs of containers. All of which is highly accessible. Also it is difficult to find security books that involve implementation, not just policies and management. This is a rugged, hands on intro to containers, and a very practical security book. Dear author: more please! Looking forward to version 2!
Bryant –
Great Book for Understanding Containers and Their Security
Liz’s philosophy is that in order to secure you must first understand. This is great, as she dives in early (with great examples) into what exactly containers are for the first third of the book. After that she goes into the concepts and prescriptions for securing your containers, building upon the initial fundamental knowledge. I don’t think I’ve ever found such a conglomeration of such knowledge in one single book. If you want to secure (and know why or how) Docker and/or Kubernetes, this book is a must!
jaudet –
A great deep dive into container fundamentals
In reading this, you will learn about container security. But you’ll also learn about what makes a container a container. I highly recommend this book if you’re interested in answering the question “what is a container, *really*?”
Barry –
Approaches containers and their security challenges in a hands on and pragmatic manner
The authors “Containers from Scratch” conference presentations in 2018 really helped me understand the technology of containers and the operating system components they comprise. This book continues the approach with deep explanations but accompanied with working examples that are relatively easily to follow on along with. A learning style I find works very well for me.
Jeff –
Great Overview of Container Security
Liz did a great job explaining the basics for anyone new to containers, and a good refresh for those already using them. Would recommend for any security professional to read.
Murilo de Araujo Chianfa –
As melhores parte são as explicações sobre os Namespaces para Container Isolation e Container Network Security, já li ele 2 vezes e pretendo ser alguns capÃtulos novamente… Parabéns há todos os envolvidos nesta bela obra.
Harish Babu manam –
Good book
Spyridon N. –
Summary: Overall I found the book informative and well structured. It helped me clear some concepts around containers, their interaction with the operating system and their security.This book is a broad inspection of many technologies that can help you secure your containers throughout their lifecycle. Although the author does not go into many details for each and every technology covered, she puts emphasis on the ones that are important (e.g. she explains the linux kernel namespaces, cgroups and capabilities which are essential to understand how containers work).Also, a big plus for me is that the book has the proper page count: it’s not too brief (you get a lot of info) and not too lengthy (so that you lose yourself in non-essential text).I recommend the book to everyone that is already working with containers; for the people that are not already familiar with them, it may seem a bit advanced (this is also stated in the “Who this book is for” section of the book).
Alex d –
I read this book with understanding of infosec, and a bit about Kubernetes. There’s a lot written about these two topics independently. While other researchers (like Ian Coldwater) have done great work, nothing is published as a book.The book does well in introducing pretty basic concepts and I think you can start with this book if you have very little knowledge about container security.The parts about how to apply basic Linux security measures (like capabilities) to containers is something particularly good.The security checklist in the Appendix is a great summary of the book. It outlines key security things to look for when hardening your system. It makes back references to other chapters in the book (and external resources) so it’s really easy to follow. It’s impossible to create a complete list but this does pretty well.There’s no BS in this book, and there is no spin. The author is quite clear on the limitations of this technology and the need for built-in features. Running containers as root is crazy, and Rice does not downplay this.I have two wishes:- that there’s a better description of exploits that go along with the checklist. This can help pen testers significantly- updates as security research (and container security) developsThere are very few resources online that summarize this topics so well.
Linsey –
I’ve followed Liz on twitter for a number of years as part of trying to keep on top of security and best practices, so when I saw this come out I added it to my wish list. At work we are starting to make use of EKS so now felt like a good time to get up to speed on security before we get too far down a road we can’t get out of !Lots of topics in here, all well explained with examples, some threats I already knew about, but a number of vectors that I had not considered before, including diving deep into how containers actually run on a cluster.Anyone working with containers ought to buy and read this.