[OWASP-Bangalore] Docker Application Pen Testing
timo.goosen at owasp.org
Thu Jul 30 08:53:49 UTC 2015
Look for misconfigurations.
Docker is just what is used to put the code in. Any persistent storage will
be in a docker volume on the actual host.
Also docker is not a vm, its a container.
Some people think docker adds to security. Thats not true.
On Thu, Jul 30, 2015 at 7:24 AM, N. V. R. K. RAJU <nvrkraju4 at gmail.com>
> Hi All,
> I am trying to learn security/pen testing applications deployed in Docker.
> How will a pen test of application deployed in Docker differ from regular
> web app/ cloud app?
> What are all the tools available to test Docker deployed app?
> Should we testing or how should we be testing the application VM for any
> known vulnerabilities?
> Please share your experience working with Docker application security.
> OWASP-Bangalore mailing list
> OWASP-Bangalore at lists.owasp.org
> Twitter : @owaspbangalore
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Bangalore