Docker containers and Kubernetes are the driving force of a modern software development life cycle. Although Docker is a safer option than working on the host machine directly, many potential security issues may arise while working with containers. By Sofija Simic, an aspiring technical writer at phoenixNAP.
This is a short, to-the-point guide, and it mentions:
- Update Docker and host regularly
- Configure resource quotas
- Use non-root users
- Limit capabilities
- Prohibit new privileges
- Use trusted images
... and a few more. When pulling an image from online registries, make sure it is from a secure, trusted source. The safest option is sticking to the official Docker Hub. Avoid public third-party registries that lack control policies. Also, use image scanning tools to search for vulnerabilities before downloading anything on the host system.
You should scan images regularly, not just when downloading them from an online registry. Even local images that haven't been used for a while should be scanned before building a container. For more details, follow the link to the article. Sweet!
[Read More]
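An added example (not from the original article or from phoenixNAP): a Python check of `docker inspect` JSON against four of the practices listed above (resource quotas, non-root user, limited capabilities, no new privileges). The two container records are constructed sample data; the container names and finding strings are assumptions made for illustration.

```python
import json

# Constructed sample: trimmed `docker inspect` output for two hypothetical containers.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/web-default", "Config": {"User": ""},
   "HostConfig": {"Memory": 0, "NanoCpus": 0, "PidsLimit": null, "Privileged": false,
                  "CapAdd": null, "CapDrop": null, "SecurityOpt": null}},
  {"Name": "/web-hardened", "Config": {"User": "10001:10001"},
   "HostConfig": {"Memory": 268435456, "NanoCpus": 500000000, "PidsLimit": 100,
                  "Privileged": false, "CapAdd": ["NET_BIND_SERVICE"],
                  "CapDrop": ["ALL"], "SecurityOpt": ["no-new-privileges"]}}
]
""")

def audit_container(container):
    """Return one finding per hardening practice the container does not follow."""
    cfg = container.get("Config") or {}
    host = container.get("HostConfig") or {}
    findings = []
    # Resource quotas: 0 or null means "unlimited" for these fields.
    if not host.get("Memory"):
        findings.append("no memory limit")
    if not host.get("NanoCpus") and not host.get("CpuQuota"):
        findings.append("no CPU limit")
    pids = host.get("PidsLimit")
    if not pids or pids < 0:
        findings.append("no PID limit")
    # Non-root user: an empty User means the process runs as root (uid 0).
    user = (cfg.get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("runs as root")
    # Capabilities: flag privileged mode and a missing --cap-drop ALL.
    if host.get("Privileged"):
        findings.append("privileged mode")
    if "ALL" not in [c.upper() for c in host.get("CapDrop") or []]:
        findings.append("capabilities not dropped")
    # Prohibit new privileges: --security-opt no-new-privileges[:true]
    opts = [o.replace("=", ":") for o in host.get("SecurityOpt") or []]
    if not any(o in ("no-new-privileges", "no-new-privileges:true") for o in opts):
        findings.append("new privileges allowed")
    return findings

def audit(containers):
    """Map container name -> list of findings (empty list means all checks passed)."""
    return {c["Name"].lstrip("/"): audit_container(c) for c in containers}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, "->", findings or "OK")
```

To run it against real containers, replace `SAMPLE_INSPECT` with the parsed output of `docker inspect` for the containers of interest.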