Deep Dive into Container Security
2025-09-05 , Workshops 2

Containerizing an application unlocks a wealth of possibilities: in theory, containers can be easily scaled, managed, recreated, defined as code, and more. However, the convenience of these powerful tools sometimes leads us to overlook the underlying mechanics and the security implications involved. While many aspects of developing with containers resemble those of traditional applications, containers also introduce unique characteristics and challenges that must not be ignored.


The goal is to build up upon how containers work, the interaction between chroot, cgroups, namespaces and capabilities; to constitute what we now know as a container. With this in mind, we dive upon a threat model of how container applications are usually deployed and the risks that come out of each of these.

The presentation is demo heavy, with a lot of shell and tests.

Mission Critical Security Engineer at Schuberg Philis

Trying to stay 100% human, mistakes and all. I'm passionate about engineering, understanding how things work and just learning about the amazing world that surrounds us. Born and raised in Guatemala, where I studied Computer Science, went directly into security as a pentester. Switched to the blue team on my journey to the Netherlands. I'm a big fan of programming, reading and spending time with my wife and kids.