Container Security Checklist

Cloud Native Concepts

Container Threat Model

Figure from Container Security by Liz Rice

Container Security Checklist

Figure by cncf/tag-security

Secure the Build

Secure Supply Chain

Hardening Code — Secure SDLC (Software Development Life Cycle)

Secure the Image — Hardening

Pulling images by digest
docker images --digests
docker pull alpine@sha256:b7233dafbed64e3738630b69382a8b231726aa1014ccaabc1947c5308a8910a7

Image Scanning

Image Signing

Secure the Container Registry

Registry Resources

Secure the Container Runtime

Why is Runtime Security important?

Constraints

Docker Security

Secure the Infrastructure

Secure the Data

Secrets Management Tools

Secure the Workloads … Running the containers

docker run -d --name container-1 --cpuset-cpus 0 --cpu-shares 768 cpu-stress

DevOps & Cloud Engineer / Chess Player — My Website: Divband.com
