Continuing the series on creating a comprehensive security program around Docker, today we will look at intrusion detection and prevention with containers.Containers are created to be immutable and ephemeral, so why is this necessary? Just recently, Kubernetes disclosed a vulnerability that would allow remote, unauthenticated attackers to execute arbitrary…
The simplest way to get started with a docker security program is to start with static analysis: Analyzing docker files for insecure software and making sure we have a level of trust in the base images our organization uses.This is part of the series on how to build a…
In the past couple of years, I have worked with teams trying to figure out how to adapt security tools to their Docker deployments, with varying degrees of success. Over the next several articles, I will build up a series of security tools and practices that can help secure your…