From the course: Microservices: Security
Join today to access over 24,900 courses taught by industry experts.
Audit container security
From the course: Microservices: Security
Audit container security
- [Instructor] When assessing the security posture of any component within a system, it's best to rely upon a tool to check for vulnerabilities and the enforcement of best practices. When it comes to running Docker containers, Docker Bench is one of the best tools for the job. Docker Bench is a small script that inspects the container host to show how it complies with the Center for Internet Securities Docker Benchmark. This is a formal list of security best practices for Docker. Now let's get hands-on and I'll show you how Docker bench works. So here in Windows subsystem for Linux, I've installed Docker on Abuntu. And then within Docker I have a single container running our microservice. Now let's analyze the security posture of the host and the container with Docker bench. The first thing that we'll do is clone the Docker bench repository so that we can get a copy of the script on our host. Alright, after the repository is cloned, we can go ahead and change directory into the…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
Throttling and rate limiting4m 37s
-
(Locked)
Container runtime security4m 19s
-
(Locked)
Image security5m 4s
-
(Locked)
Audit container security3m 44s
-
(Locked)
Secrets management3m 49s
-
(Locked)
Secure pipelines4m 57s
-
(Locked)
Prevent leaked credentials2m 39s
-
(Locked)
Keep secrets with Key Vault6m 53s
-
-