Book Description

To use Docker safely, in both production and development, you need to be aware of the potential security issues and the major tools and techniques for securing container-based systems. In this O’Reilly report, Adrian Mouat—Chief Scientist at Container Solutions—provides guidance and advice for developing container security policies and procedures.

Mouat addresses threats such as kernel exploits, DoS attacks, container breakouts, and poisoned images throughout the report with solutions that include defense-in-depth (using the analogy of a castle’s layered defenses) and least privilege.

Table of Contents

  1. Foreword
  2. 1. Security and Limiting Containers
    1. Things to Worry About
    2. Defense in Depth
      1. Least Privilege
    3. Segregate Containers by Host
    4. Applying Updates
      1. Avoid Unsupported Drivers
    5. Image Provenance
      1. Docker Digests
      2. Docker Content Trust
      3. Reproducible and Trustworthy Dockerfiles
    6. Security Tips
      1. Set a USER
      2. Limit Container Networking
      3. Remove setuid/setgid Binaries
      4. Limit Memory
      5. Limit CPU
      6. Limit Restarts
      7. Limit Filesystems
      8. Limit Capabilities
      9. Apply Resource Limits (ulimits)
    7. Run a Hardened Kernel
    8. Linux Security Modules
      1. SELinux
      2. AppArmor
    9. Auditing
    10. Incident Response
    11. Conclusion