- Foreword by Liran Tal
- Foreword by Hamida Rebai
- About the Contributors
- About This Book
- Preface
- Acknowledgements
- Part I: Introduction to Docker
- Chapter 1: Introduction to Containers and Container Security
- Chapter 2: Exploring Container Security Tools
- Part II: Docker Supply Chain Security
- Chapter 3: Supply Chain Security for Application Development
- Chapter 4: Secure Docker Image Building Practices
- Chapter 5: Integrating Container Security within CI/CD Pipelines
- Part III: Kubernetes Security
- Chapter 6: Securing Containers in Kubernetes
- Chapter 7: Kubernetes Cluster Security
- Chapter 8: Logging, Monitoring, and Auditing in Kubernetes
- Part IV: Architecture and Future Trends
- Chapter 9: Designing a Secure Dockerized Application Architecture
- Chapter 10: Emerging Trends in Container Security
- Index
Docker and Kubernetes Security
Supply Chain Security + Runtime Protection
A practical, hands-on guide to securing Docker and Kubernetes workloads from build to production—recognized as a DevOps Dozen 2025 finalist for Best DevOps Book of the Year. Learn how to generate SBOMs, publish attestations, harden images, detect threats, and build a modern supply-chain-aware DevSecOps pipeline.
Minimum price
$39.99
$44.99
You pay
$44.99Author earns
$35.99PDF
EPUB
About
About the Book
Containers are evolving fast—and so are the attacks against them.
In 2025, supply chain attacks, AI-driven threats, and sophisticated cloud-native exploits are more common than ever. This book is your up-to-date guide to defending Docker and Kubernetes in this new landscape, using the latest tools and techniques.
Covering every layer of container security, you'll go from foundational concepts to hands-on implementations. Starting with a clear overview of Docker, Kubernetes, and Linux containers, you'll learn how to:
- Build secure container images with SBOMs and attestations using modern standards like OCI 1.1 referrers
- Integrate security into your GitHub Actions and GitLab CI/CD pipelines
- Enforce pod security policies and manage secrets with RBAC
- Monitor Kubernetes runtime activity with Falco and Grafana
- Detect vulnerabilities early using tools like Docker Scout, Trivy, and Snyk
- Apply shift-left security and even Gen AI approaches for smarter defenses
Along the way, you'll tackle real-world challenges like scalability, disaster recovery, and securing multi-tenant clusters. With a focus on supply chain defense, you'll learn how to protect against the very same threats making headlines today—like the recent npm package compromises.
By the end of this book, you'll be ready to address the full spectrum of container security challenges and future-proof your DevOps pipelines, ensuring your applications are robust, secure, and ready for production.
Author
About the Author
Mohammad-Ali A'râbi
Mohammad-Ali A’râbi has been coding for 20 years—starting with printf, ending up in the world of Docker, Kubernetes, and a suspicious number of Bitcoin miners lurking in clusters. He’s a Docker Captain, Snyk Ambassador, conference speaker, and organizer of the Docker Black Forest meetup in Freiburg.
He writes the Git Weekly newsletter, builds weird side projects, and occasionally publishes books—like the DevOps Dozen 2025 finalist Docker and Kubernetes Security.
He lives in the Black Forest, where he protects developers from CVEs, YAML demons, and runtime surprises.
Contents
Table of Contents
Get the free Community Edition
Enter your name and email address and click the buttons to the right to get the free Community Edition in PDF or EPUB, or just click this link to read a shorter sample online here
The Leanpub 60 Day 100% Happiness Guarantee
Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.
You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!
So, there's no reason not to click the Add to Cart button, is there?
See full terms...
Earn $8 on a $10 Purchase, and $16 on a $20 Purchase
We pay 80% royalties on purchases of $7.99 or more, and 80% royalties minus a 50 cent flat fee on purchases between $0.99 and $7.98. You earn $8 on a $10 sale, and $16 on a $20 sale. So, if we sell 5000 non-refunded copies of your book for $20, you'll earn $80,000.
(Yes, some authors have already earned much more than that on Leanpub.)
In fact, authors have earned over $14 million writing, publishing and selling on Leanpub.
Learn more about writing on Leanpub
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
Learn more about Leanpub's ebook formats and where to read them
Write and Publish on Leanpub
You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!
Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.
Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.