
Álvaro Revuelta M.
12 - 13 March 2025 | Alte Kaserne Winterthur
Systems Developer - SciLifeLab
I’m Álvaro Revuelta, a System Developer that works building cloud-native solutions. At SciLifeLab, I develop Python-based applications in containerized Kubernetes environments and streamline deployments with CI/CD pipelines using GitHub Actions and ArgoCD. I love sharing knowledge as a public speaker and enjoy volunteering at a cat shelter in Stockholm. Let’s dive into container images, kubernetes and cloud-native practices together!

Workshop
Building Secure Container Images.
Room: “Seminar” / 1st floor
Abstract:
In this workshop, participants will learn how to build secure container images. The session will cover essential security practices throughout the image lifecycle, from development to deployment, ensuring that containers are resilient against common vulnerabilities and threats.
Attendees will start with an overview of container security principles. The workshop will then guide participants through practical steps to build secure images using Docker, including:
-
Base Image Selection: Choosing secure, minimal base images to reduce vulnerabilities.
-
Dockerfile Best Practices: Writing Dockerfiles with security in mind, including multi-stage builds, reducing image layers, and avoiding sensitive data leaks.
-
Dependency Management: Scanning and managing dependencies to prevent introducing vulnerabilities.
-
Image Hardening: Techniques for hardening images, such as running as non-root users and setting file permissions.
-
Finally, deploying in a cluster, using GitOps tools such as ArgoCD and SealedSecrets.
We will use several tools such as Trivy for image scanning, Dive to inspect the layers of an image and some pentesting tools that automatically test against a benchmark.
The workshop will also cover strategies for continuously monitoring and updating images to maintain security over time.
Prerequisites for the workshop:
TBD
Number of participants: TBD