Ultimate Container Security Series

Welcome to the Ultimate Container Security Series.

Over the past few years, I’ve been working extensively with containers and their security aspects. I’ve read many great books, blogs, and tutorials, and I’ve also run containerized workloads in production environments. During this time, I felt the need for a well-organized, practical series that covers the most important container security topics in one place.

This series is my attempt to bring together the key concepts, real-world scenarios, and practical recipes needed to understand and apply container security effectively. The goal is to help readers learn the topics faster, with examples that can be easily applied in real production environments. Whenever possible, I’ll include working examples to make the concepts easier to understand.

Series Structure

The series will be divided into five main parts, and each part will consist of multiple chapters. Each chapter will be published as a separate blog post.

You can use this post as the main reference to see:

• what has already been written,
• when a chapter was last updated,
• and which topics are coming next.

I recommend bookmarking this page, as it will also be used for future announcements and updates related to the series.

Main Outline

PART 1: Foundations

• Chapter 1: Container Security Threat Model (updated: 4.1.2026)
• Chapter 2: How Container Isolation Works (writing in progress)

PART 2: Secure Container Image Building

PART 3: Registries & Supply Chain Security

PART 4: Host & Container Platform Security

PART 5: Container Runtime Security

Goals of the Series

The goal of this series is to provide an up-to-date overview of the most important container security topics, supported by real examples and best-practice solutions.

Container technologies evolve very quickly, so this series is not static. Chapters may be:

• updated,
• expanded,
• reorganized,
• or extended with new topics over time.

The dates listed next to each topic in this post will serve as a reference point to indicate when a resource was last updated.

Release Plan

Writing a full course takes time. My goal is to publish most of the planned topics by July 2026.

I plan to update the series weekly, and in some cases even daily, depending on the topic and complexity.

The full course content will also be available on GitHub, including examples and supporting materials.

If there is a specific container security topic you are interested in, feel free to leave it in the comments. I’ll do my best to cover it as part of this series.