Hackersploit: Docker Security Essentials
This guide focuses on securing the Docker platform on Linux. Follow along with the techniques demonstrated in this guide. All you need is a Linux server with Docker installed and running as well as a:
- fundamental knowledge of Docker and Docker CLI commands;
- functional knowledge of Linux terminal commands; and a
- fundamental knowledge of systemd and Linux init systems.
Content is structured and organized as follows:
- In The Docker Platform section, we will begin the process by explaining the various components that make up the Docker platform.
- In the Auditing Docker Security section, we will explore the process of performing a security audit of the Docker platform. An audit identifies vulnerabilities in the configuration of the components that make up the platform.
- In the next two sections, we will begin the process of securing the Docker host and the Docker daemon to ensure that we have a secure base to operate from:
- Securing the Docker Host
- Securing the Docker Daemon
- The remaining sections of the guide will conclude by taking a look at the various ways of securing containers and the process of building secure Docker images:
- Container Security Best Practices
- Controlling Container Resource Consumption with Control Groups (cgroups)
- Implementing Access Control with AppArmor
- Limiting Container System Calls with seccomp
- Vulnerability Scanning for Docker Containers
- Building Secure Docker Images