From the course: Docker: Build and Optimize Docker Images

Incorporating basic security practices

- [Instructor] When you're working with Dockerfiles, you've got to keep them secure so that you're not introducing vulnerabilities into your CI/CD pipeline. Let's look at a few ways we can incorporate basic security practices to ensure that our image is secure. First, let's check to see if an image contains any vulnerabilities. In Docker Hub, I'm on the Tags page for the official node image. There's a column for Vulnerabilities, which shows any reported cybersecurity vulnerabilities for the image, as well as their severity. Let's scroll down until we find an image that has vulnerabilities and click on that. Here, you can view CVEs, or Common Vulnerabilities and Exposures. CVE is a dictionary of publicly disclosed cybersecurity vulnerabilities. You can expand any CVE to view more information. If there's a fix available, you can view it in the Fix version row. If we were using this image, we would want to update the Dockerfile with the new base image. Let's take a look at the base…
