Docker Security

How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass & Persistence in the Hypervisor via Shadow Containers

Containers are a major disruption in application technology, and as any new technology present new security challenges. Aqua researchers have identified two sophisticated attack vectors that target developers: we call these 'Host Rebinding' and 'Shadow Container' attacks. 

In this paper, which was presented on stage at Black Hat USA 2017, we describe the progression of a multi-stage attack in detail and recommend steps developers need to take to secure their containerized environments. 

Download this whitepaper to:

  • Understand how a persistent attack can originate in a developer environment
  • Take steps to better secure container developer environments

Get your copy today!

Get the White Paper