Container Security

As containerized and cloud native applications become foundational to modern software infrastructure, the need for a deep, conceptual understanding of their security implications has never been more urgent. Container Security offers a rigorous yet practical examination of the technologies that underpin container platforms--equipping developers, operations professionals, and security practitioners with the mental models needed to evaluate risk and enhance resilience.
Written by Liz Rice, a recognized authority in cloud native security, this updated edition builds on the foundational principles from the first edition while incorporating today's evolving threat landscape, modern tooling, and advancements in platforms like Kubernetes and Linux. Readers will gain a firm grasp of the architectural components behind containers and the Linux primitives that support them, fostering a systems-level understanding of both vulnerabilities and mitigation strategies.
- Examine the technical underpinnings of containers through a security-focused lens - Evaluate evolving risks and defenses across container runtimes and orchestration platforms - Analyze the implications of modern tooling including eBPF and AI-driven approaches - Apply core principles to assess and secure real-world deployments in dynamic environments

Liz Rice is the chief open source officer with eBPF specialists at Isovalent, creators of the Cilium cloud native networking, security, and observability project. She sits on the CNCF Governing Board and on the Board of OpenUK. She was chair of the CNCF's Technical Oversight Committee in 2019-2022 and cochair of KubeCon + CloudNativeCon in 2018. She is also the author of Container Security published by O'Reilly.