Container Security Engineering (Paperback)
Zak Illman
Sold by Grand Eagle Retail, Bensenville, IL, U.S.A.
AbeBooks Seller since 12 October 2005
New - Soft cover
Condition: New
Ships within U.S.A.
Quantity: 1 available
Add to basketSold by Grand Eagle Retail, Bensenville, IL, U.S.A.
AbeBooks Seller since 12 October 2005
Condition: New
Quantity: 1 available
Add to basketPaperback. Container Security Engineering Rootless Containers, Supply-Chain Integrity, and Runtime Defense for Modern DevSecOps Containers power the world's most critical infrastructure-but most container platforms are still deployed with implicit trust, excessive privileges, and fragile supply chains. As attacks shift from applications to build pipelines, registries, and runtimes, traditional "container security basics" are no longer enough.Container Security Engineering is the definitive, modern guide for building hardened, verifiable, and continuously defended container platforms from the kernel up. Written for today's DevSecOps reality and tomorrow's threat landscape, this book moves beyond theory to deliver practical, production-ready security engineering for Linux containers.This is a systems-level security playbook for engineers responsible for protecting real workloads in hostile environments. What You'll LearnThis book walks you through the entire container security lifecycle, combining deep technical foundations with hands-on implementation: Threat modeling containers with MITRE ATT&CK, shared-kernel risks, and real escape vectors Rootless container architectures using Podman and Docker with secure UID/GID mappings and user namespaces Host and kernel hardening with seccomp, SELinux, AppArmor, sysctl controls, and No New Privileges Supply-chain security with reproducible builds, vulnerability scanning, and SBOM generation using Trivy and Syft Image signing, provenance, and trust enforcement with cosign, registries, and policy gates CI/CD security automation using GitHub Actions, Open Policy Agent (OPA), and release controls Runtime defense and isolation across networking, filesystem access, and process boundaries eBPF-driven detection and observability with Falco and Tetragon for real-time threat visibility Zero-Trust container platforms, workload identity, micro-segmentation, and continuous validation A capstone project that builds a fully secured, monitored, and policy-enforced container platform from scratch Who This Book Is ForThis book is designed for professionals who need security guarantees, not assumptions: - DevSecOps engineers securing CI/CD pipelines and production clusters- Platform engineers building rootless, least-privilege container runtimes- SREs and system administrators hardening Linux hosts and container platforms- Security engineers and analysts seeking runtime visibility and detection- Architects designing compliant, auditable, and zero-trust container environmentsA working knowledge of Linux and containers is helpful-but this book teaches the security engineering mindset . Modern, Practical, and Enterprise-ReadyAll configurations, policies, and workflows have been validated on real Linux environments, including Fedora, Ubuntu, RHEL, and Rocky Linux. The book emphasizes open-source, vendor-neutral tooling and aligns with industry standards such as: - CIS Benchmarks- NIST SP 800-190- MITRE ATT&CK for ContainersAppendices provide ready-to-use reference material, including rootless configuration guides, seccomp and SELinux cheat sheets, CI/CD templates, runtime detection rules, attack simulations, and a detailed glossary of container security terms. Why This Book MattersContainer security has entered a new era-defined by rootless execution, verified supply chains, and continuous runtime defense. Organizations that fail to adapt will continue to ship insecure platforms by default.Container Security Engineering Shipping may be from multiple locations in the US or from the UK, depending on stock availability.
Seller Inventory # 9798279346400
"About this title" may belong to another edition of this title.
We guarantee the condition of every book as it¿s described on the Abebooks web sites. If you¿ve changed
your mind about a book that you¿ve ordered, please use the Ask bookseller a question link to contact us
and we¿ll respond within 2 business days.
Books ship from California and Michigan.
If you are a consumer you can withdraw from the contract in accordance with the following. Consumer means any natural person who is acting for purposes which are outside his trade, business, craft or profession.
Information regarding the right of withdrawal
Statutory right to withdraw
You have the right to withdraw from this contract within 14 days without giving any reason.
The withdrawal period will expire after 14 days from the day on which you acquire, or a third party other than the carrier and indicated by you acquires, physical possession of the last good or the last lot or piece.
To exercise the right of withdrawal, electronically fill in and submit a clear statement on our website, under "My Purchases" in "My Account". We will communicate to you an acknowledgement of receipt of such a withdrawal on a durable medium (e.g. by e-mail) without delay.
To meet the withdrawal deadline, it is sufficient for you to send your communication concerning your exercise of the right of withdrawal before the withdrawal period has expired.
Effects of withdrawal
If you withdraw from this contract, we will reimburse to you all payments received from you, including the costs of delivery (except for the supplementary costs arising if you chose a type of delivery other than the least expensive type of standard delivery offered by us).
We may make a deduction from the reimbursement for loss in value of any goods supplied, if the loss is the result of unnecessary handling by you.
We will make the reimbursement without undue delay, and not later than 14 days after the day on which we are informed about your decision to withdraw from this contract.
We will make the reimbursement using the same means of payment as you used for the initial transaction, unless you have expressly agreed otherwise; in any event, you will not incur any fees as a result of such reimbursement.
We may withhold reimbursement until we have received the goods back, or you have supplied evidence of having sent back the goods, whichever is the earliest.
You shall send back the goods or hand them over to Grand Eagle Retail, Bensenville, Illinois, U.S.A., without undue delay and in any event not later than 14 days from the day on which you communicate your withdrawal from this contract to us. The deadline is met if you send back the goods before the period of 14 days has expired. You will have to bear the direct cost of returning the goods. You are only liable for any diminished value of the goods resulting from the handling other than what is necessary to establish the nature, characteristics and functioning of the goods.
Exceptions to the right of withdrawal
The right of withdrawal does not apply to:
Orders usually ship within 2 business days. All books within the US ship free of charge. Delivery is 4-14 business days anywhere in the United States.
Books ship from California and Michigan.
If your book order is heavy or oversized, we may contact you to let you know extra shipping is required.
| Order quantity | 6 to 16 business days | 6 to 14 business days |
|---|---|---|
| First item | £ 0.00 | £ 0.00 |
Delivery times are set by sellers and vary by carrier and location. Orders passing through Customs may face delays and buyers are responsible for any associated duties or fees. Sellers may contact you regarding additional charges to cover any increased costs to ship your items.