Docker
DevOps vs Security: Can Docker make a difference?
Docker Inc. is one of the pioneers in the world DevOps, Known for its toolkit around Linux container technology.
Summary
One of the pioneers in the world DevOps, is the company Docker Inc. Known for its toolkit around Linux container technology, they propel the way this technology evolves and is promoted to the world. With great achievements and interest from the outside world, also comes a lot of pressure. Competing products are showing up, resulting in a battle for features, pricing and customers. Unfortunately for security professionals like us, the many security lessons from the past seems to be forgotten.
Security Best Practices for Building Docker Images
To ensure your Docker images are properly configured, we show some of the best practices. Building secure Docker containers doesn't have to be hard.
Summary
Docker simplifies software packaging by creating small software units. It starts with a base OS image, followed by software installation and finally the configuration adjustments. For building your own images, Docker uses small build files, with the less than original name Dockerfile. Docker build files simplify the build process and help creating consistent containers, over and over. Unfortunately developers don’t always take security into account during the build process, resulting in software which is installed insecurely.