Container Security Engineering: Rootless Containers, Supply-Chain Integrity, and Runtime Defense for Modern DevSecOps

★★★★☆ 4.0 54 reviews

$90.00
Price when purchased online
Free shipping Free 30-day returns

Sold and shipped by fondationcepeo.ca
We aim to show you accurate product information. Manufacturers, suppliers and others provide what you see here.
$90.00
Price when purchased online
Free shipping Free 30-day returns

How do you want your item?
You get 30 days free! Choose a plan at checkout.
Shipping
Arrives Jul 12
Free
Pickup
Check nearby
Delivery
Not available

Sold and shipped by fondationcepeo.ca
Free 30-day returns Details

Product details

Management number 233483292 Release Date 2026/06/27 List Price $90.00 Model Number 233483292
Category

Container Security EngineeringRootless Containers, Supply-Chain Integrity, and Runtime Defense for Modern DevSecOpsContainers power the world’s most critical infrastructure—but most container platforms are still deployed with implicit trust, excessive privileges, and fragile supply chains. As attacks shift from applications to build pipelines, registries, and runtimes, traditional “container security basics” are no longer enough.Container Security Engineering is the definitive, modern guide for building hardened, verifiable, and continuously defended container platforms from the kernel up. Written for today’s DevSecOps reality and tomorrow’s threat landscape, this book moves beyond theory to deliver practical, production-ready security engineering for Linux containers.This is a systems-level security playbook for engineers responsible for protecting real workloads in hostile environments.What You’ll LearnThis book walks you through the entire container security lifecycle, combining deep technical foundations with hands-on implementation:✔ Threat modeling containers with MITRE ATT&CK, shared-kernel risks, and real escape vectors ✔ Rootless container architectures using Podman and Docker with secure UID/GID mappings and user namespaces ✔ Host and kernel hardening with seccomp, SELinux, AppArmor, sysctl controls, and No New Privileges ✔ Supply-chain security with reproducible builds, vulnerability scanning, and SBOM generation using Trivy and Syft ✔ Image signing, provenance, and trust enforcement with cosign, registries, and policy gates ✔ CI/CD security automation using GitHub Actions, Open Policy Agent (OPA), and release controls ✔ Runtime defense and isolation across networking, filesystem access, and process boundaries ✔ eBPF-driven detection and observability with Falco and Tetragon for real-time threat visibility ✔ Zero-Trust container platforms, workload identity, micro-segmentation, and continuous validation ✔ A capstone project that builds a fully secured, monitored, and policy-enforced container platform from scratchWho This Book Is ForThis book is designed for professionals who need security guarantees, not assumptions:• DevSecOps engineers securing CI/CD pipelines and production clusters • Platform engineers building rootless, least-privilege container runtimes • SREs and system administrators hardening Linux hosts and container platforms • Security engineers and analysts seeking runtime visibility and detection • Architects designing compliant, auditable, and zero-trust container environmentsA working knowledge of Linux and containers is helpful—but this book teaches the security engineering mindset .Modern, Practical, and Enterprise-ReadyAll configurations, policies, and workflows have been validated on real Linux environments, including Fedora, Ubuntu, RHEL, and Rocky Linux. The book emphasizes open-source, vendor-neutral tooling and aligns with industry standards such as:• CIS Benchmarks • NIST SP 800-190 • MITRE ATT&CK for ContainersAppendices provide ready-to-use reference material, including rootless configuration guides, seccomp and SELinux cheat sheets, CI/CD templates, runtime detection rules, attack simulations, and a detailed glossary of container security terms.Why This Book MattersContainer security has entered a new era—defined by rootless execution, verified supply chains, and continuous runtime defense. Organizations that fail to adapt will continue to ship insecure platforms by default.Container Security Engineering gives you the knowledge, patterns, and confidence to build container platforms that are provably secure, operationally sound, and resilient by design. Read more

ASIN B0GBBD9HZ5
XRay Not Enabled
Language English
File size 1.7 MB
Page Flip Enabled
Word Wise Not Enabled
Print length 344 pages
Accessibility Learn more
Screen Reader Supported
Publication date December 21, 2025
Enhanced typesetting Enabled

Correction of product information

If you notice any omissions or errors in the product information on this page, please use the correction request form below.

Correction Request Form

Customer ratings & reviews

4 out of 5
★★★★☆
54 ratings | 22 reviews
How item rating is calculated
View all reviews
5 stars
75% (41)
4 stars
8% (4)
3 stars
4% (2)
2 stars
2% (1)
1 star
11% (6)
Sort by

There are currently no written reviews for this product.