1  Cover

      2  Title Page

      3  Introduction Meeting the Challenge A Few Conventions Companion Download Files How to Contact the Publisher

      4  Part I: Container and Orchestrator Security CHAPTER 1: What Is A Container? Common Misconceptions Container Components Kernel Capabilities Other Containers Summary CHAPTER 2: Rootless Runtimes Docker Rootless Mode Running Rootless Podman Summary CHAPTER 3: Container Runtime Protection Running Falco Configuring Rules Summary CHAPTER 4: Forensic Logging Things to Consider Salient Files Breaking the Rules Key Commands The Rules Parsing Rules Monitoring Ordering and Performance Summary CHAPTER 5: Kubernetes Vulnerabilities Mini Kubernetes Options for Using kube-hunter Container Deployment Inside Cluster Tests Minikube vs. kube-hunter Getting a List of Tests Summary CHAPTER 6: Container Image CVEs Understanding CVEs Trivy Exploring Anchore Clair Summary

      5  Part II: DevSecOps Tooling CHAPTER 7: Baseline Scanning (or, Zap Your Apps) Where to Find ZAP Baseline Scanning Scanning Nmap's Host Adding Regular Expressions Summary CHAPTER 8: Codifying Security Security Tooling Installation Simple Tests Example Attack Files Summary CHAPTER 9: Kubernetes Compliance Mini Kubernetes Using kube-bench Troubleshooting Automation Summary CHAPTER 10: Securing Your Git Repositories Things to Consider Installing and Running Gitleaks Installing and Running GitRob Summary CHAPTER 11: Automated Host Security Machine Images Idempotency Secure Shell Example Kernel Changes Summary CHAPTER 12: Server Scanning With Nikto Things to Consider Installation Scanning a Second Host Скачать книгу