This article is more than 1 year old
Script tool a Docker shocker blocker
Security push underway.
Docker security head Diogo Mónica has crafted a defence tool to help admins protect their machine instances.
Mónica says the Docker Bench Security script available on GitHub is designed as a complement and check systems against the Docker benchmarks released last month alongside a whitepaper [pdf].
“Having the documents is useful, however the ability to easily put these benchmarks into practice is equally important,” Mónica says.
“To do that I built the Docker Bench for Security which automates validating a host’s configuration against the CIS Benchmark recommendations.”
“This is the first in many planned tools we aim to bring to the Docker user community in checking and improving the security of their deployments.”
The tool requires Docker 1.6.2 or later runs as a container with high privileges in order to ascertain the security integrity of other Docker containers.
It will check for security states including 'practical and prudent' changes and those requiring disruption to services.
The tool is the first of “many” security tools Docker plans to release and is part of a push to increase the state of security across the popular container service.
It follows a study released last week that found a third of all official containers had “high severity” vulnerabilities including Heartbleed, Poodle and Shellshock. ®
Biting the hand that feeds IT
