Container scanning tools, industry publications, and security experts are constantly telling us about best practices for how to securely build our images and run our containers. Often these requirements seem abstract and are not described well enough for those of us that don’t have an appsec background to fully understand their importance. In this session, we'll go over several of the most common practices, show examples of how your workloads can be exploited if not followed and, most importantly, how to easily find and fix your Dockerfiles and deployment manifests before you commit your code.