Learn how to use application exploits to gain access to a container
Learn how cgroups and namespaces limit what a container can do
Learn how to protect against fork bombs and resource starvation
Learn how to test your infrastructure for secure best-practices
Learn how to change root account via user namespaces
Learn about allowing root-level operations to untrusted users with kernels capabilities
Learn how to use Seccomp to restrict syscalls
Learn how to restrict applications with correct flags gaining root access
Learn how AppArmor profiles protect processes
Learn how Bane can be used to generate AppArmor profiles
Scan images for vulnerabilities before running them
