Expert Launches Docker Bench Security script

docker security

Docker security head Diogo Mónica has launched a security script to help sysadmins to make a Docker rig safe in the real world.

You might also like: Xprivacy - A Must Have App For Hackers


Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications. It consists Docker Engine, a portable, lightweight runtime and packaging tool, and Docker Hub, a cloud service for sharing applications and automating workflows. It aims to eliminate the friction between development, QA, and production environments.


The script automates validating a host's configuration against the CIS Benchmark recommendations.


"Having the documents is useful, however the ability to easily put these benchmarks into practice is equally important," Mónica says


"This container is being run with a lot of privilege -- sharing the host's filesystem, pid and network namespaces, due to portions of the benchmark applying to the running host, " Mónica explains.

The script requires Docker 1.6.2 or later in order to run.

The Docker Bench is the first in many planned security tools Docker aim to bring to the Docker user community in checking and improving the security.

You can get the docker Docker Bench Security script from GitHub.

No comments

Powered by Blogger.