Posts

Showing posts from March, 2019

How To Harden Your Docker Containers

Image
Properly securing your Docker containers can be a cumbersome and time consuming task. The goal of this technical walkthrough is to comfortably guide you through the steps involved in hardening your docker containers and securing your containerized infrastructure. Let's start with the basics, a checklist and common sense best practices, we can then move on to the key point of sandboxing a container: drop capabilities and create ad hoc security profiles. A good example of this is my own project which I have made available in my Github  repository , check it out for a much deeper technical insight. Preliminary steps 1)  Update Docker : Clearly this is the first thing to do, even more so when a clever container escape has been recently disclosed ( CVE-2019-5736 ).   2)  Deploy Only Trusted Docker Images :  enable the  Content Trust feature  for guarantee the authencity and integrity of the pulled images from Docker Hub. You can also arrange an offline registry available in you