Gartner®: Avoid Mobile Application Security Pitfalls

Webinar - Hunting for Secrets in Docker Hub: what we have found and how you can prevent it.

Container security is not just a runtime problem. Failure to treat it early in the development life cycle has led to a surge in supply chain attacks, such as the recent Codecov breach.

Join our next discussion with Henri Hubert, head of R&D at GitGuardian, for a deep dive into the problem of secrets in Docker images:

0:00 Introduction
4:37 What are secrets
8:26 How secrets end up in Docker images
16:25 Examples of leaked credentials in Docker images
20:50 Scanning Docker Hub for secrets
37:30 How to scan Docker images for secrets with ggshield
42:17 Wrap up and prizes

Video Transcript

okay let me just get myself into the screen hello everyone it's great to uh great to have you all here uh i saw the comments are we going to start now i've been waiting behind my screen so i thought okay this that's my cue that's my cue to appear to appear in the webinar we might wait just a few minutes just to make sure that uh that everyone gets a chance to get online before we get into it but uh when we're while we're waiting for everyone why don't we why don't you let us know in the chat bar there whereabouts in the world you're tuning in from we are coming at you uh live from paris in france here today but uh india switzerland awesome mexico great wow we've got a whole lot of places london india portugal stockholm oh another one in france bonjour avenue twitch land germany costa rica i uh i'm from new zealand originally i was uh i was really hoping that i get someone from new zealand but to be here it's 4 8 4 a.m i think that's even a little bit too early for my mum to tune in if my mom's not going to do it i don't think anyone else will but we'll see if you are tuning in from new zealand and you got up at 4 am to watch this stream let me know i'll send you a gift uruguay usa brazil paris new haven scotland scotland someone from where my name is mackenzie i have a very scottish name scottish ancestry this is awesome that's great to see well mike it just started now before we uh wait too much longer so i really want this webinar to be to be uh full of participation and to be a interactive as possible so it's great to see everyone participating in the chat so uh yeah continue with that those that are active in the chat in the polls and the questions will go on the draw to win a swag bag for your participation we'll announce who that is at the end of the webinar so ask lots of questions um participate in the chat have some conversations and you can win a swag bag so you can look like a very stylish get guardian billboard and just uh quickly to let everyone get 
familiar with the the layout of this i'll try and answer questions or get guardian team members will try and answer questions from the chat but if you do have a specific question you have you down the bottom you'll see ask a question and also polls down there so if you ask us a question in that section it's more likely that i'll be able to see it and get around to us answering it for you so yeah we're watching i was really thrilled to see we have over 60 countries tuning in today or at least registered so we might we might lose a few there but uh it's great to have so many people from around the world i'm sure it's morning evening and night for different people so great to uh great to hear italy we have a new one i don't think we have anyone from italy yet so that's uh fantastic to see so uh we have a couple of polls in here that we will reveal the answers to throughout the presentation so the first one here is we're going to be talking a lot about docker images docker hub and finding leaked credentials leaked secrets within uh docker images and first of all i want you to know under the poll section let us know what you think how what percentage of docket images that are public the ones that you can find on docker hub what percentage of them do you think is going to contain leaked credentials so api keys and this kind of nature let us know and we'll reveal what is the correct answer as we go through the presentation so just to start we're going to cover a fair bit of ground in this webinar i'm not going to go into great detail about specific topics there's other videos that i have online if you want to find out more about these but i do want to keep everyone up just up to speed so that we have a lot of different people at different uh levels of understanding so i'm going to quickly go through what are secrets and what is docker so everyone kind of can be familiar with what we're talking about so what are secrets so secrets are typically anything that we don't want 
public as the name would suggest but when we're talking about it in software and programming and software engineering we generally are talking to digital authentication credentials or certificates so these are things like api keys so it might be api keys to your cloud infrastructure api keys to microservices or sas platforms that you're using it's also credential peers so credential pairs could be username and passwords to systems it could be username and password to your database which is a really common one and also things like security certificates and private keys basically ways to encrypt information and decrypt it so these are really highly sensitive the problem with secrets is that they've made to be used programmatically which means that we need to distribute them widely our developers need these to test systems uh they end up in source code frequently and they become really leaky but this is important because these are the keys to our kingdom these are the master keys the inner working of our application if these leak then they can grant access to internal systems to attackers and they quite often do leaks so let's talk a little bit about you know how these these secrets are used in a modern application so let's say that we're building from scratch uh an application with a million dollar business idea we're going to launch this so we start off building it first thing we need to do is decide what stack what tools we're going to use to do this so let's say it's a django application we immediately have django keys that we need to deal with and manipulate when going through this we're obviously going to need to make money from our application so we're going to have credit card processing now we're not insane we're not going to write this from scratch we're going to use a service stripe maybe paypal we need to have a database so we're going to use mongodb we need to have a search function so instead of building that we're going to use algolia we need to have uh 
great authentication and login services we'll use octa for that and before you know it your simple application is this collection of different platforms different services different providers uh and that and this is great because it means we can move quickly and we can build this really secure application but it means we need to leverage these secrets right and then we need to host our application somewhere so we haven't talked about infrastructure yet so we maybe we're going to host it on aws we're going to need to get reporting on this we need to have our code in a central repository and stored somewhere so we're going to use github for this all of these leverage credentials even vault which is used to store credential needs credentials to access it so we end up with this huge collection and then once you launch the app the pesky marketing team is going to want dashboards from graphing they're going to want slack integrations they're going to want all these different tools so they can see it and then we haven't even started talking about these custom internal microservices that you're creating that your app leverages to be able to communicate which also leverage secrets so this is a very simple example but it should be relatable and how we can end up with hundreds and sometimes even thousands of these different secrets uh to make our application run so how do they end up in docker and other places well you know commonly secret sprawl through source code so they can end up in a git repository maybe they're hard-coded maybe they're in history in a version that you've forgotten about they can be shared on messaging systems they can be exposed when we're running our application or when we're distributing it so that they can be exposed through docker in this case and they also backed up and cloned so imagine all the places your source code ends up from creation all the way through to your deployment it's going to be on multiple machines it's going to be in cloud 
drives it's going to be backed up onto different servers it's going to be in your internal wikis it's going to be on your messaging system it's going to be everywhere so this is collectively what we call secrets bro so let's quickly talk about docker and i'll move on from secrets uh now so uh what is docker soccer can be a little bit of a black box even those that kind of understand what docker does can still be a little bit confused uh by some of the inner workings of it so docker really has three parts to it so we have our docker file our docker image and our docker container now what docker does simply is it packages together all the inner working components that your application needs to run and when you run it runs inside a container so it means that if you're reliant on different databases different services then rather than installing them more manually you can package these together and it makes it much faster much easier to deploy the docker file is really what we use to describe our docker image so our docker image is going to attain our application and it's going to contain other assets that our application needs to run its dependencies we describe all this in the docker file when we run our image it runs within a container so the the three elements here yeah so docker file we describe what our docker image is our application that's in there the different components it needs when we run that application it runs within a container like a virtual a virtual operating system so that's that's what docker so let's talk a little bit about the inner workings of docker so docker can be this mystery black box um and you know it can be this thing where you can even build an image but not really understand exactly what's happening in there or how do we extract files and secrets from this so i have an example here and actually what i'll do is i'll show you and working example might be a bit easier so yeah so this on my screen uh let me make this bigger this on my 
screen here is inside a docker image so where my where you're seeing is highlighting these are the different layers of a docker image so you know how your git history has different layers to it where you can go back so you when you build an image it does it in layers so these are the different layers that we can see now what you'll see here especially in green over on this side of the page these are the different files so we have here a directory called app you can imagine that the application is running within this these are all the files that our application needs to run so even though we've built this docker image this mystery black box there's extractable files in here there's data so if we have secrets in our source code well that secrets are going to be in these files in our docker image and the next layer here we've got our dependencies and different so there's multiple layers of of a docker image but it's not just kind of we can maybe think of docker as this confiscated and this encrypted kind of mystery box that doesn't really have readable you know or readable files within it but it's not true it's essentially you know you can almost think of it sometimes as a bit of a zip you know like a zip folder that has your actual folders that are extractable that are readable within it so how do our secrets even end up in docker in the first place so later on we're going to talk about what we found in public uh public spaces in docker so in docker hub specifically but how do these secrets end up in there so the number one place the secrets that we will continue to find secrets are inside our source code so this is true for git repositories and it's true also for docker images so if we have hard-coded credentials in our source code they're going to end up in our docker image if we uh if we're building our docker image locally so ideally you'll probably want to do it from a from a ci cd pipeline so it's building from your git repository so that you have a clean git 
repository you'll hopefully have a clean docker image but if we're building it locally we can kind of forget what what is extractable on a docker image and and throw things like debug logs or accidentally you know or configuration files or environment variable files these can be wrapped up packaged in our docker image and this is going to make them be vulnerable and it's going to expose them to the public the next place that we can really find some secrets inside our docker files inside our kind of images is within the docker file itself so we talked about the different stages so the docker file describes your docker image and one place that we we might have secrets in this docker file itself so in this example here what you have is we're going to be pushing this to a package manager in this case pip so we have here uh a username and a password that that package manager is going to use to authenticate ourselves so we can push it to there we could describe these insecurely in our docker file uh and then that package manager will pull these so let's just say we're sending it through https request we're firing these off but these are actually hard-coded in our docker file which means that they will end up in our docker image and they'll be extractable now that use case doesn't happen a whole lot because when you're typing in your secrets into that file it just feels wrong but hopefully but here's a here's a use case that we do see and uh and and it kind of makes sense you can see why this use case here so what we have going on here it's very similar to the last example we're pushing a docker image to a package manager uh pip again and we're to pass credentials to it so that we can authenticate ourselves with this private package manager so to do this we're using a net rc file and essentially what we're saying here is we're going to copy our netrc file which is going to have our credentials in it and then we're going to pass these to our package manager and then at the 
very last step we remove the net rtc file so that we're basically saying we want to grab this file we want to pass the credentials to pip and then we don't want this file in our docker image because it has credentials so we're going to delete it from the docker image so this kind of makes sense right you're using the credentials and then you're removing them but as i said docker has layers to it so even though that we are removing this file on the later stages it's going to be in previous versions of our docker image and as i showed you before we're going to be able to go back and see these different layers so we're going to be able to find our credentials and they're going to be exposed so another way that credentials can end up inside our docker images so next let's i really want to talk about what is a real world example where credentials have been extracted from a docket image and then they have been used in an attack that actually happens so earlier this year you guys probably would have heard that codecov a code coverage tool was breached and this affected thousands of different customers that kodkov was using now to start wasn't sure exactly the extent of this and the headline started to come out and it wasn't until massive companies started reporting that they had been breached as a result this is what we call a supply chain attack codecov was part of this company's supply chain so rapid7 came out and said that they were affected from this monday.com uh twilio and even hashicorp a cyber security company was affected because of this code called bridge so just to quickly explain what code cov is and and how this happened so code covers a code coverage tool it sits within your ci uh pipeline and it basically checks to see how much of your application you're testing so if we look at what this looks like is we have our code we commit it and then we pass it through to our ci pipeline and codecov is part of this ci pipeline now what's important to know is that the 
ci pipeline needs to build your application and it needs to test it and to do this it needs to leverage secrets so to securely pass these secrets which is the correct way of doing it we have these secrets in as environment variables within our ci pipeline so these may be things like our get credentials you know or our uh our package manager credentials like what we did through the examples of the the docker file so these set as environment variables within our ci pipeline what these attackers were able to do is that every time codecov was run they dumped all the environment variables that were running on these different companies 20 000 different customers and then they sent them to a remote server they basically sent all the passwords that were in that cr environment to the attackers at their remote address so pretty scary stuff how did they do this well they were able to update a bash uploaded a script within codecov and they did this because in the code called docker image they had an exposed git credential this gave their attackers access to their git repositories they were able to update this bash uploader script and i think there's a few thousand lines of code in this batch uploaded script and it's just one line just one line in here that actually just showed uh that that's sending these environment variables it would be very easy to miss if you didn't know what you're looking for and the change came from an authorized person and then they were able to compromise code cov and then from that they were able to gain access to all these git repositories that these companies were using so the target in this attack was actually private git repositories they wanted the git credentials from that ci environment to be able to go into these private good repositories so this here is a real life example that shows that what we're talking about isn't just theoretical you know this is an active threat and dollar can be a blind spot for even large companies that are security 
focused because it can be such a mystery uh a mystery and it's not really kind of on the public radar like git repositories or other elements are so we have to be uh we have to be we have to be careful when we're leveraging these credentials inside docker okay so we have another poll so down the bottom you'll see the poll uh the poll tab there make sure you post your answers in that let me just get this one active okay so i want to know from you guys do you use docker hub do you publicly uh publish your docker images from your company or from your personal projects or do you only use private uh package manage or private uh hosts to just store these so really interested to hear what you guys are using for that now whilst you're doing that i'm just going to get henry our head of r d onto the screen so give me one second [Music] okay all right squish in squish in [Laughter] so welcome henry welcome to the to the webinar it's great to have you here thanks mackenzie for inviting me that's all right you had no choice move over a little bit more you're just being card off there it's a small square so why don't you uh introduce yourself and tell you what your role is here at gegardian and how long have you been working here for yeah so i'm henry i'm a french engineer and i work at the guardian on the research and development team so my job is mainly to maintain the secret detection engine and find new ways to detect secrets and other places okay and so yeah we conducted the research on docker images so your uh your role here you're getting is really focusing on beyond detect secrets in different ways making sure we're not picking up false positives yeah and also that we're picking up two positives yes what what are some of the challenging aspects of being able to accurately detect secrets in your job what makes it difficult to be able to determine false positives and true partners there are many challenges i think the first one is that there are many different ways to use 
credentials like even in code you have different languages you have different types of credentials like standard api keys that you will use in a http call and you also have like private keys that you will use in a ssh connection for for instance and all the developers will not write their code in the same manner so that's one problem that when challenge that we have okay so we had a poll at the start as you would have heard we wanted to know what percentage of images the people think that uh [Music] that they're docker images what percentage of docker images have secrets in them i forgot my words there so do you want to reveal the number i'm looking at the polls here most people think it's 12 i'm really surprised that's a that's a large a large number of uh dog images yeah sure and everyone seemed to agree with each other and what uh where you thought before i told you the true the truth yes yeah what did i think so uh i was really surprised at the number i thought it was going to be on the lower end i thought it was going to be about one two percent uh of docker images the reason being is that uh you know this is an advanced technology it's at the end of your development process this isn't something that our students that are starting off going to be leveraging a lot of uh so you know when you talk about git repositories and stuff we find a lot of secrets from uh django keys from the first project or this type of thing so i was surprised i was surprised when you told me yeah so actually the number is seven percent seven percent so i'm surprised uh twelve percent was there was one but i guess it does i guess we knew it was going to be a bigger number than three percent so we weren't going to think that so i guess 12 is probably the obvious answer to pick the year but congratulations to anyone that picked seven percent uh but yeah there are right now eight over eight million publicly available docker images on docker hub so you take you know seven percent of over 
eight million well we get to quite a lot about 750 000 images uh potentially vulnerable from this but why don't we move on to talking about the experiment that you guys conducted that specifically related to docker images and how much secrets you found within these and let's start by maybe walking us through what you did what the experiment was yes so the experiment was taking some random images from docker hub so we used the public images and once we gathered those images we tried to split those into layers and inspect the files that were in them as you explained before and then run more secret scanner on that okay and what were some of the challenges that you guys faced in terms of docker images so you have been scanning has been scanning git repositories for a long time how are docker images different and what are some of the technical challenges in trying to scan docker images for secrets well the first challenge was to pull those images because the api from docker is not made for that i mean it's meant to be pulled with docker but not with code like manipulating it so that was the first uh challenge we had and then we had the issue that as you've shown docker images have a lot of other files that are not the app like exactly yeah there are some files used for authentication but those are not files from the developers there are standard files that are used by all the images and we had to filter those out because the scan would have been too long and we may have had more false positives right so when you're talking about that when we've broke down the docker image we could see that there was a lot of files that related to the dependencies that they needed to run for instance a python app will have python uh within there uh and different areas of different files that are standard are these the the files that you're talking about and you didn't want to scan these yeah we didn't want to scan those because it would have been time consuming for files that we know 
wouldn't contain secrets added by the user right okay so let's have a look here i'll post it up on the screen now so how many docker images oh what was how much data did you scan during this during this experiment so for this experiment we took two terabytes of data um so you thought it was enough to find a lot of secrets and we were right yeah and of that two terabytes seven percent of the docker images in there contain secrets so what we have on the screen right now uh that your my screen's over here that's why i'm doing this uh but what you'll see on your screen in front of you right now is uh a list of their different types of secrets that we found and there's two columns here you'll see one is kind of saying what percentage uh you know what percentages were found in public docker images and the percentage found in public get repositories so we're comparing these so if you don't know get guardian scans all public git repositories every commit that you make will scan it for secrets and we're comparing this against the docker images so that we can have uh you know just get some some more information and the results are quite interesting so what i'll point out henry is that on our screen we see the fields for other and private keys as specifically private keys are way higher than what we find in public repositories why what what let's start off saying what are these categories well i don't know and then we'll look into why are these founded docker images so much yeah so first the category other as it may explain by its name it's everything that is not in the other categories but to be more precise uh it's mainly or generic detectors so these are detectors for which we cannot infer the provider like let's say it's an api key but it's not a google api key and we know that but we don't know for which service this api key is for and and would that be because of internal services that are being run so you have these micro services that you're creating as a company 
you're leveraging secrets you've got to communicate with these but it's not a public provider of a service or a sas platform yeah exactly and this is what we found is that there are many more internal services exposed in docker images than in public tips repositories and so this is why we have so many uh other category uh secrets and private keys is that similar sort of category private keys are what are they used for yeah so private keys are used for authentication like ssh so mainly on an infrastructure level so we expected those to be in a higher percentage in docker images because these are more related to infrastructure than code okay and if we look through all the rest of the results what we'll see is that in every category from then on so development tools data storage cloud providers version control panels we find way less secrets inside a docker image so this can be explained because are there less secrets exposed in the source code of docker images and more that relate to the infrastructure that are exposed in different layers of a docker image yeah um sort of sort of in fact there are less secrets because there is less diversity like less new users as you pointed out that pushes public docker images so the level of kind of competency that we get to once we've like reached this reached building docker images is more advanced so therefore we're more security focused but then why how does that then explain that uh we find all these other types of keys in in here that relate to infrastructure is there is there a blind spot in how we understand security and what these docker images do yeah from i think there is a blind spot in uh for docker security because it's at the um it's between the development teams and the teams in charge of production and in charge of the infrastructure and so i think some parts are not monitored by any of the team right okay so where is this area it's just a mystery box do you think that there is a lack of understanding about what 
docker does which doesn't help this definitely and should developers learn more about docker or do we need to invest in training in other areas do you think i think we should invest in security first and yeah the docker area is a really important field because of what i said before like it's a blind spot and also we should like developers and security teams should learn to use as many tools as they can like too many tools is not to find a problem right okay well there we go it can be overwhelming as a developer to learn all these different things but i think it's important one thing that i think i like to stress in in my advocacy role is that you don't need to become an expert in everything you don't need to become a security expert as a developer you don't need to become an infrastructure expert as a developer but you need to understand it and you need to be able to communicate with other team members about this so it's good to have a wide range of knowledge and i think security knowledge in particular is one that's like very highly valued so there well thanks for that what i want to do is i want to pass it over to you guys here we have some questions uh if you have any questions uh oh here's a good one here that relates to false positives if you have a question ask us in the questions and answer section or you can post them in the chat so the first one we had is how do you make sure that these weren't false positives how do you make sure it's not random high energy strings high intensity is just a mumble jumble of numbers that's what an api key looks like how can we be sure of that uh so there are two ways of doing that first we know the precision of our tool because it's the same secret scanner as we used in secrets in git code and the second one is by manual inspection like we spent quite a lot of time looking at the secrets ensuring they were not false positives with with that git scanner i'm going to put you on the spot here too sorry about that but without 
get scanner we have all this information we we refactor this into our algorithms to make sure that we're capturing uh true positives because the docker images are different uh is there well in order and you said it's a manual process in order to remove that manual process in the future do we then need to uh continuously scan do we need to build this up or is it closely related to to get the git repository so we can build both together uh we should be able to build both together in fact our secret detection engine can work on anything as long as it's text okay so if the base image this is another good one yeah if the base image is exposed to sacred uh it's counted as two different images with the vulnerability or it just so if the base image is used to have an exposed secret it's accounted as two different images for vulnerabilities the base and my image or just the one so this kind of relates back to what we're saying we scan what we don't scan yeah and in fact that's a good question during our experiment um we used some cache to avoid scanning twice the same layer in fact each layer has an i as an id so that we can know if we already scan a layer so your base image was one layer of your image so we did if we had already scanned this layer once we didn't scan it twice okay so i'm going to use an example here let's say that there is uh your base image is python yeah you've got a python app because you've already scanned the python docker image do we need to rescan it or do you ignore that because you've scanned that image id before during or experiment we didn't scan it again okay once got it yeah and but uh in the gg shield but i don't want to spoil the next pass we would scan also the base image okay so in the next so we'll uh we'll move on here into the to the next image i'll wait a little bit longer just to see if there's any other uh questions that you have here i'll check the chat uh to make sure there's no other but last opportunity to send a message to henry 
before he moves off screen. So please fire them away now, I'll give you guys a few minutes to work on that... not a few minutes, a few seconds, you don't have long. But while we're waiting for that here: how long have you been at GitGuardian for?

Henri: I've been there for a bit more than two years now, and the journey is amazing.

Mackenzie: So let's talk about what you do. How many secrets did we detect when you arrived, and how many secrets do we detect now?

Henri: We don't count that much in secrets we find, because it's highly dependent on what people scan and what people publish. We look a lot at the number of types of secrets that we can detect. So when I arrived it was like 150, and now we just reached 300 yesterday.

Mackenzie: 300, great achievement: 300 different types of secrets that are detected now, so I think that's great. So I can't see another question in the question and answers, Henri, so thanks so much for joining us. What we're going to do now is I'm going to show you some of the technology that was used to scan images. I'm going to show you how you can recreate this experiment in Docker Hub to find secrets, and also to help protect your secrets. So Henri, thank you so much.

Henri: Thank you, Mack.

Mackenzie: No problem. Okay, I won't readjust the camera, I'll just be a little bit zoomed out. Okay, so let's talk about how we scan our Docker images. So GitGuardian has an open source CLI tool, it's called ggshield, and we can use this to scan a bunch of different areas. So we can use ggshield to set up pre-commit git hooks, so if you want to scan your git commits before they enter your repository and block them if they contain a secret, we can do this. We can scan file directories, and now we can scan Docker images, which is really quite cool. So in order to do this you just need to download ggshield. ggshield uses the GitGuardian detection engine to do this; it needs an API key, so you need to sign up for GitGuardian, but once you have that you can just run the command `ggshield scan docker` and then
the image name. And I'll show you very quickly what this looks like here. Okay, so I wanted to use an actual publicly available Docker image. I wanted to use one that didn't have any active secrets, but that had secrets that triggered our detection engine, so I found this one here during my experiments, and I'm just going to show you what happens. So I'm running the command, and because this image isn't saved locally on my machine it's going to download it, so it's going to take a little bit of time to do that. And then what this is going to do is it's going to scan every layer of this image. So in the experiment, because we're scanning so much information, we would ignore base images that we've already scanned, but this time we're actually going to scan everything within this image. So this here has now scanned through the image and it's come back with some results, and this is what it's going to look like. Now, these are not true positives, so I'm not exposing anyone's secrets, but this lets us know where, in what file, secrets have been exposed. So this means that we can go back and remediate this. And what's really cool is that I have this in my terminal right now, but we can put this within our CI/CD pipeline: we can scan images once we've built them, immediately, so this can be part of the process. So if you want to make sure that your Docker images don't expose any secrets, then we can actually scan them during this process automatically using ggshield. And I'll ask someone from GitGuardian if you could post the link to the ggshield GitHub page; this has all the documents and information about how to install ggshield and how to use it, that would be great. And just quickly, because I didn't mention it before, the tool that I use to explore the Docker image is one called dive. So this here, if you want to be able to explore your own Docker images and be able to go into them... so right now I'm looking in the Docker image for
ggshield, but that's what this tool here is called. So if you want to be able to do that and look at that too, I think it's an awesome tool that you guys can use; again, that's open source, so a great resource if you're curious about that. All right, so let's have a look at our poll results now. So what I asked here: do we have images published publicly or only privately? And I'm actually really curious: most of the people here only have private images, about 57%, and this is a really interesting argument, because it's the same argument that we have about public and private git repositories. So we know that we find secrets inside public git repositories, but what about our private repositories? Well, these are just filled with secrets, and there can be a security pinch point because it has very weak authentication for such sensitive information: the fact that we have a lot of developers in a large company that have access to the git repository, the code's scanned and cloned onto different areas, and we may provide access to the git repository to clients, to services that are working with us on projects. And the same is true for private Docker images. So just because you're not publicly releasing your Docker images on Docker Hub or any other public platform doesn't mean that we don't have any security threats there. These Docker images are shared kind of widely: all developers in the company have access to these, they will be cloned onto and installed onto different machines locally, so we still have a large security threat here. So I like to just make this argument and bring it up here that it's not just public Docker images that we need to be worried about, it's also private ones. And actually, I'm really surprised at the amount of private Docker images that remain here, so that's quite a cool statistic that you guys have shared. Now we're coming to the end of this, and I really hope you guys took some value
out of this webinar. But I also want to mention that Docker images can pose different kinds of security threats; these aren't just related to exposed credentials and secrets. There's lots of ways that we can build Docker images that create kind of vulnerabilities within our applications or vulnerabilities within our systems. So we actually created a cheat sheet this year on how to securely build Docker images. So we talk about secrets in here, of course, but we also talk about different ways and different areas of what to do and what not to do. So again, I'll ask someone from the GitGuardian team to post the blog article to this cheat sheet so that people can access that; that would be good, because there's different ways that you can secure your Docker images beyond just credentials inside them. All right, so I have had my elves monitoring the chats and the polls, and I think now is the time to announce who is the winner of the GitGuardian swag bag. So we'll give it a few moments, and can someone from there... oh, there we are, we have me, I like that. So can someone from the GitGuardian team please comment on here who is going to be the winner of the GitGuardian swag bag for participating in the questions and in the webinar as a whole. We'll give this a few minutes, but in the meantime I want to thank everyone for tuning in to this webinar, and please let us know... you can follow GitGuardian. This is our first webinar, so we're really excited to launch this, but we're going to be doing these every month. So we're going to have different guests on from different companies, we're going to be talking about lots of different topics around security and also around development in general. So please let us know what you thought about this and reach out to us on Twitter if you liked it, and if you have any ideas for us. We always love to hear from you guys that are our users and people that are following us. So please,
please do that. Drumroll... so that link, that link here, that bitly link, is to the cheat sheet, for anyone who was wondering. I was expecting that. Do we have the winner? Do we have the winner? We're adding suspense here to find out the winner of the swag bag. I think what we'll do is we'll reach out; we have the list of attendance here, so I think the guys are just trying to crunch the numbers of who was there, who were the highest... oh yeah, we have a winner: Robin. Robin, if you can reach out to us at GitGuardian, you can reach out to me, Mackenzie, I'll type in my email here. So Robin, if you could email me here... yeah, great to see that you're there. I'll get your contact address and I'll ship off that swag box to you. So again, I wanted to thank everyone here for tuning in. I had a lot of fun, and please reach out to us and follow us. You can follow us on Crowdcast as well if you want to be alerted each time that we're doing a webinar, and of course on all the other social medias. So thanks guys, I hope you enjoyed it, and look forward to seeing you next time.
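The layer-by-layer scan and the per-layer cache that Henri describes in the Q&A above (scan every layer of an image, key each layer by its ID, never scan a shared base layer twice), as an added example that is not part of the webinar and is not GitGuardian's ggshield code. It is a small Python scanner over a `docker save`-style tarball (`manifest.json` listing `<layer-id>/layer.tar` entries). The image layout, the three regex detectors, the file names and the sample secrets are all constructed for the demo; the AWS key is the documented `AKIAIOSFODNN7EXAMPLE` placeholder, not a live credential, and `DB_PASSWORD` is a made-up value.

```python
"""Layer-by-layer secret scan of a docker-save style image tar (added example).

Not ggshield's implementation: a simplified model of walking every layer,
deduplicating layers by content digest so a shared base layer is scanned
once, and running regex detectors over the text files each layer adds.
"""
import hashlib
import io
import json
import re
import tarfile

# Constructed detector set; a real engine ships hundreds of detectors.
DETECTORS = {
    "aws_access_key_id": re.compile(rb"\bAKIA[0-9A-Z]{16}\b"),
    "private_key": re.compile(rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "assigned_secret": re.compile(
        rb"(?im)^\s*(?:export\s+)?[A-Z0-9_]*(?:SECRET|PASSWORD|TOKEN|API_KEY)[A-Z0-9_]*"
        rb"\s*[=:]\s*['\"]?([^\s'\"]{12,})"
    ),
}
MAX_FILE_BYTES = 1 << 20  # skip big blobs; text secrets live in small files


def _tar_bytes(files):
    """Build an in-memory uncompressed tar from {path: bytes}."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for path, data in files.items():
            info = tarfile.TarInfo(name=path)
            info.size = len(data)
            tf.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def layer_id(layer_tar):
    """Content-addressed layer ID: identical base layers get identical IDs."""
    return hashlib.sha256(layer_tar).hexdigest()


def build_image(repo_tag, layers):
    """Assemble a docker-save-style image tar: each layer stored under
    <layer-id>/layer.tar and listed base-to-top in manifest.json."""
    files, layer_paths = {}, []
    for layer_tar in layers:
        path = f"{layer_id(layer_tar)}/layer.tar"
        files[path] = layer_tar
        layer_paths.append(path)
    files["manifest.json"] = json.dumps([{"RepoTags": [repo_tag], "Layers": layer_paths}]).encode()
    return _tar_bytes(files)


def iter_layers(image_tar):
    """Yield (layer_id, layer_tar_bytes) in base-to-top order."""
    with tarfile.open(fileobj=io.BytesIO(image_tar), mode="r:") as tf:
        manifest = json.load(tf.extractfile("manifest.json"))
        for layer_path in manifest[0]["Layers"]:
            yield layer_path.split("/")[0], tf.extractfile(layer_path).read()


def scan_layer(layer_tar):
    """Return [(path, detector_name, matched_secret)] for one layer."""
    findings = []
    with tarfile.open(fileobj=io.BytesIO(layer_tar), mode="r:") as tf:
        for m in tf.getmembers():
            basename = m.name.rsplit("/", 1)[-1]
            # Whiteout entries (.wh.*) record deletions in upper layers; no content.
            if not m.isfile() or basename.startswith(".wh.") or m.size > MAX_FILE_BYTES:
                continue
            data = tf.extractfile(m).read()
            if b"\x00" in data:  # binary blob; this toy scanner only handles text
                continue
            for name, rx in DETECTORS.items():
                for match in rx.finditer(data):
                    token = match.group(match.lastindex or 0)
                    findings.append((m.name, name, token.decode("utf-8", "replace")))
    return findings


def scan_image(image_tar, scanned=None):
    """Scan every layer not already in `scanned` (layer_id -> findings).
    Returns (findings_by_layer, skipped_layer_ids). Reusing one `scanned`
    dict across many images is the cache from the webinar: a base layer
    shared by a thousand images is scanned once, and its findings are
    still attributed to every image that contains it."""
    scanned = {} if scanned is None else scanned
    results, skipped = {}, []
    for lid, layer_tar in iter_layers(image_tar):
        if lid in scanned:
            skipped.append(lid)
        else:
            scanned[lid] = scan_layer(layer_tar)
        results[lid] = scanned[lid]
    return results, skipped


# Constructed sample layers: a shared base layer with a leaked credentials file,
# and two app layers built on it (one leaks a .env, the other deletes it).
BASE_LAYER = _tar_bytes({
    "etc/os-release": b'PRETTY_NAME="Demo Linux"\n',
    "root/.aws/credentials": b"[default]\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\n",
})
APP_LAYER = _tar_bytes({
    "app/main.py": b"print('hello')\n",
    "app/.env": b"DB_PASSWORD=correct-horse-battery-staple\nDEBUG=true\n",
})
OTHER_APP_LAYER = _tar_bytes({
    "app/server.js": b"const x = 1;\n",
    "app/.wh..env": b"",  # whiteout: .env removed in this layer, nothing to scan
    "usr/bin/tool": b"\x7fELF\x00\x00binary",
})
IMAGE_A = build_image("demo/app-a:1.0", [BASE_LAYER, APP_LAYER])
IMAGE_B = build_image("demo/app-b:1.0", [BASE_LAYER, OTHER_APP_LAYER])

if __name__ == "__main__":
    cache = {}
    for tag, img in (("demo/app-a:1.0", IMAGE_A), ("demo/app-b:1.0", IMAGE_B)):
        results, skipped = scan_image(img, cache)
        print(f"{tag}: {len(skipped)} cached layer(s) skipped")
        for lid, findings in results.items():
            for path, det, secret in findings:
                print(f"  layer {lid[:12]} {path}: {det} -> {secret}")
```

Scanning `IMAGE_A` reports the AWS key from the base layer and the `DB_PASSWORD` from the app layer; scanning `IMAGE_B` with the same cache skips the base layer entirely (as in the Docker Hub experiment) while still attributing its finding to the second image, and the whiteout and ELF entries produce nothing. Removing the cache argument gives the "scan everything in this image" behaviour shown in the ggshield demo.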