Click me

SumoLogic infographic

Docker Security: What You Need to Know From streamlining software delivery to automating the set up and configuration of development environments, Docker enables users to make their apps more agile and cloud-ready. While Docker can be a great solution for developers, operators, and enterprises, users should ensure that their containers are secured before diving in. UNIQUE CONTAINER SECURITY CHALLENGES Security threats on containers fall into several categories. While some of these threats are par for the course in any type of computing environment, threats to Docker containers are often amplified. Risk of privilege Attack originating from one container that compromises data or resources used by a Risk of insecure or unvalidated app images escalation via containers different container PROTECTING DOCKER CONTAINERS New features from Docker, as well as the introduction of crucial security tools elsewhere in the container ecosystem, have made it much easier to keep Docker containers secure. Here are a few tools and strategies you can use to mitigate potential issues. 1 Always start Docker containers with the -u flag so they run as an ordinary user instead of root -u This is a basic first step toward improving security Configure Docker control groups to set limits on how many resources each container can use XXXXXX Remove SUID flags from container images This makes privilege escalation attacks This will go a long way toward preventing container-based DoS attacks more difficult 4 5 Use namespaces in Docker to isolate containers from Don't use images from repositories that you don't trust one another Namespaces help assure that a user or process running inside one container can't affect those This may sound like a no-brainer, but it can be ......... tempting to pull an image from a random registry in other containers 6. 7 I Consider using Clair to validate containers from your registries Get visibility into what's happening in your containers Use Clair to scan images You can't stop what you locally or run it directly from supported public registry services can't see, so having a robust tool to analyze your container data is key O sumologic TM Docker Logging with Sumo Logic Visibility is key to understanding if your containers are secure, and Sumo Logic can help. Our advanced machine-learning and analytics capabilities enable you to analyze, troubleshoot, and perform root cause analysis of issues surfacing from distributed container-based applications and Docker containers themselves. Sign up for Sumo Logic Free to try it for yourself at ........... O........... 00 2.

SumoLogic infographic

shared by QueenOfInfographics on Jan 07
Infographic for SumoLogic about Docker Security: What You Need to Know


Did you work on this visual? Claim credit!

Get a Quote

Embed Code

For hosted site:

Click the code to copy


Click the code to copy
Customize size