Critical System Protection


Isolating Containers - Safely Use Docker.Sock 

Oct 13, 2016 12:15 PM

A common misconception is that security is not required in a containerized environment because any threat would only impact the attacked containers. In fact, a number of vulnerabilities in both containers and the underlying infrastructure give attackers the ability to use a container to take over the host. The most common risk is containers like NGINX and MySQL which require elevated rights so they can interact directly with other containers. This privilege is called Docker.Sock, and researchers are rightly concerned about any container using it, but note that it is unavoidable in some situations:

https://raesene.github.io/blog/2016/03/06/The-Dangers-Of-Docker.sock/

So what do you do? In the video I will walk you through how the docker.sock privilege can be used to gain root access to the Docker host, and then demonstrate how Symantec Data Center Security can allow the containers full functionality but prevent them from harming Docker or the host.
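To find out which containers on a host hold this privilege, the following added example (not from the original post and not part of Symantec Data Center Security) audits `docker inspect` JSON and lists containers that bind-mount the daemon socket, bind-mount a directory containing it, or run privileged. The sample data and container names are constructed, and the socket path is assumed to be the default /var/run/docker.sock.

```python
import json

# Constructed sample shaped like `docker inspect` output (not from the page).
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/nginx-proxy", "HostConfig": {"Privileged": false},
  "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
              "Destination": "/tmp/docker.sock", "RW": false}]},
 {"Name": "/ci-agent", "HostConfig": {"Privileged": false},
  "Mounts": [{"Type": "bind", "Source": "/var/run",
              "Destination": "/host-run", "RW": true}]},
 {"Name": "/mysql", "HostConfig": {"Privileged": false},
  "Mounts": [{"Type": "volume", "Source": "/var/lib/docker/volumes/db/_data",
              "Destination": "/var/lib/mysql", "RW": true}]}
]""")

SOCKET = "/var/run/docker.sock"  # assumption: default daemon socket path


def exposes_socket(source):
    """True if a bind-mount source is the socket or a directory containing it."""
    if not source:
        return False
    src = source.rstrip("/") or "/"
    if src == "/run" or src.startswith("/run/"):
        src = "/var" + src  # /var/run is commonly a symlink to /run
    return src == SOCKET or SOCKET.startswith(src.rstrip("/") + "/")


def audit(containers):
    """Return {container name: [reasons]} for containers that can reach the daemon."""
    findings = {}
    for c in containers:
        reasons = []
        for m in c.get("Mounts") or []:
            if m.get("Type") == "bind" and exposes_socket(m.get("Source", "")):
                # ro is still reported: a read-only bind does not block
                # API requests sent over the socket.
                mode = "rw" if m.get("RW") else "ro"
                reasons.append(f"{m['Source']} -> {m['Destination']} ({mode})")
        if (c.get("HostConfig") or {}).get("Privileged"):
            reasons.append("privileged")
        if reasons:
            findings[c["Name"].lstrip("/")] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in audit(SAMPLE_INSPECT).items():
        print(name, reasons)
```

On a live host, the same function can be fed the parsed output of `docker inspect` run over the IDs returned by `docker ps -q`.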


Comments

Jan 09, 2017 11:39 AM

Great overview!
