Skip to main content

Hackersploit: Docker Security Essentials


What's Inside

This guide focuses on securing the Docker platform on Linux. Follow along with the techniques demonstrated in this guide. All you need is a Linux server with Docker installed and running as well as a:

  • fundamental knowledge of Docker and Docker CLI commands;
  • functional knowledge of Linux terminal commands; and a
  • fundamental knowledge of systemd and Linux init systems.
HackerSploit: Docker Security Essentials eBook

Content is structured and organized as follows:

  • In The Docker Platform section, we will begin the process by explaining the various components that make up the Docker platform.
  • In the Auditing Docker Security section, we will explore the process of performing a security audit of the Docker platform. An audit identifies vulnerabilities in the configuration of the components that make up the platform.
  • In the next two sections, we will begin the process of securing the Docker host and the Docker daemon to ensure that we have a secure base to operate from:
    • Securing the Docker Host
    • Securing the Docker Daemon
  • The remaining sections of the guide will conclude by taking a look at the various ways of securing containers and the process of building secure Docker images:
    • Container Security Best Practices
    • Controlling Container Resource Consumption with Control Groups (cgroups)
    • Implementing Access Control with AppArmor
    • Limiting Container System Calls with seccomp
    • Vulnerability Scanning for Docker Containers
    • Building Secure Docker Images