Docker can be your worst enemy if you don’t know what you’re doing.
What it’s about
With Roberto Muñoz we presented advanced techniques to trojanize Docker images and compromise systems through containers.
This talk covers:
- Docker image trojanization
- Backdoors in containers
- Attacks on Docker registries (Docker Hub, private)
- Supply chain attacks through images
- Persistence and lateral movement via Docker
Why it’s relevant
Everyone uses Docker. Everyone trusts third-party images. Nobody verifies what they actually contain.
A trojanized image can compromise your entire infrastructure. And it’s easier than you think.
Impact
This talk made many companies start scanning their Docker images and implementing private registries with security policies.
Dockerscan, my tool for Docker security analysis, was born from this research.