Last updated: April 29, 2026
Containers are everywhere in 2026: Docker, Kubernetes, and serverless platforms that are containers underneath. This module covers the security concerns specific to the container layer, separate from the Kubernetes module (Cloud Security M4), which focused on orchestration. Here: image supply chain, runtime isolation, secrets, and container escape.
What a container is (and isn’t)
A container is a Linux process with namespaces (isolated view of processes, network, filesystem, users) and cgroups (resource limits). It is not a VM. There’s no hypervisor. A container shares the host kernel.
Implication: kernel vulnerabilities compromise containers. A container escape means a process breaks out of its namespace isolation and reaches the host.
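Namespace membership is visible under /proc/<pid>/ns, where each entry is a symlink of the form type:[inode]; two processes showing the same inode for a type are in the same namespace. The following is an added example, not part of the original module: it compares a process against host PID 1 and reports which isolation boundaries actually exist. It runs against a constructed fake /proc tree so it works offline; the function names, PID 4242 and the inode values are assumptions made for illustration.

```python
import os
import tempfile

# Namespace types exposed as symlinks under /proc/<pid>/ns on current Linux kernels.
NS_TYPES = ("cgroup", "ipc", "mnt", "net", "pid", "time", "user", "uts")

def read_namespaces(proc_root, pid):
    """Map each namespace type to its 'type:[inode]' link target, or None if unreadable."""
    found = {}
    for ns in NS_TYPES:
        try:
            found[ns] = os.readlink(os.path.join(proc_root, str(pid), "ns", ns))
        except OSError:  # entry absent on older kernels, or permission denied
            found[ns] = None
    return found

def classify(proc_root, pid, host_pid=1):
    """Label each namespace type 'shared', 'isolated' or 'unknown' relative to host_pid."""
    host, proc = read_namespaces(proc_root, host_pid), read_namespaces(proc_root, pid)
    verdict = {}
    for ns in NS_TYPES:
        if host[ns] is None or proc[ns] is None:
            verdict[ns] = "unknown"   # never report isolation that was not observed
        elif host[ns] == proc[ns]:
            verdict[ns] = "shared"    # same inode: no boundary of this type
        else:
            verdict[ns] = "isolated"
    return verdict

def build_constructed_proc(root, container_pid=4242):
    """Constructed sample: fake /proc tree with host init and one container process."""
    host = {ns: 4026531830 + i for i, ns in enumerate(NS_TYPES)}
    container = {ns: 4026532500 + i for i, ns in enumerate(NS_TYPES)}
    # Assumption for this sample: the container keeps the host's user and time namespaces.
    container["user"], container["time"] = host["user"], host["time"]
    for pid, table in ((1, host), (container_pid, container)):
        ns_dir = os.path.join(root, str(pid), "ns")
        os.makedirs(ns_dir)
        for ns, inode in table.items():
            os.symlink(f"{ns}:[{inode}]", os.path.join(ns_dir, ns))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_proc(tmp)
        for ns, state in classify(tmp, 4242).items():
            print(f"{ns:<7}{state}")
```

On a real host, pass "/proc" as proc_root and run with enough privilege to read /proc/1/ns; entries that cannot be read are reported as unknown rather than isolated.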