This repository is used to support the 2-day Secure Container Deployment hackathon. Groups of people will work together in teams to work through challenges. Challenges are open-ended with different pathways to success and different teams may come up with different solutions.
❕ If you are interested in having this event run at your organization, please reach out to your local Palo Alto Networks team for details.
You work for PC Corp as a member of the information security team. Internal and external developers are constantly updating applications and recently there have been several critical issues related to vulnerable container deployments. New sales contracts are also requiring changes to the current operating procedures at PC Corp. The ratio of developers to security professionals at PC Corp is 100:1 so you must leverage tools that can scale to help bridge the gap in workload distribution.
- Prisma Cloud Tenant ☁️
- GitHub Account
- Pair off in teams of 4-7 👥
- Choose 1 user in the group to be the team lead 🙀
- Clone this repo to the team leads GitHub account 📁
- Work together to solve challenges as they are presented by the event proctor 👨🏫 👩🏫
💡 Having users with diverse backgrounds yields the most interesting results in solving increasingly complex challenges. The most successful teams contain people from different departments, with different skill sets, and different points of views.
- Discovering container vulnerabilities
- Securing secrets in code
- Container development lifecycle
- Container tagging strategies
- Building container base images
- Container layer caching
- Balancing developer productivity with security
- Blocking risky deployments
- Modeling container runtime behavior
- Patching container vulnerabilities
- Container image provenance
- Securing running containers
- Container registry scanning
- Build and release strategies