Forensic analysis of container checkpoints

Check Reference

  1. Modern cloud infrastructure heavily relies on containerisation, and the past few years have seen the rise of different container runtimes like Docker, Podman, LXD, etc.
  2. The Checkpoint Restore In Userspace (CRIU) project is used in these container runtimes to allow users to checkpoint a running container to disk, and restore it later.
  3. This opens up a plethora of possibilities related to containers, like live migration, forensic analysis, stateful reboots, dry runs of updates, etc.
  4. In this talk, we’ll understand how container checkpointing works under the hood, and how it can be used for forensic analysis of containers.

Comments
Want to discuss?
Post it here, our mentors will help you out.