The following GitHub repo includes a script which checks against dozens of common best practices related to securing Docker.
https://github.com/docker/docker-bench-security
It is worth running this to get an understanding of your Docker environment's security posture.
Step 1: Clone the repo on your Docker host
git clone https://github.com/docker/docker-bench-security.git
Step 2: cd to the directory
cd docker-bench-security
Step 3: run the script (this runs the entire script)
sudo ./docker-bench-security.sh
Step 4: review the output
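One way to triage the output from Step 4, as an added example that is not part of the original post or the docker-bench-security project: the script below summarises a saved report by status and lists the WARN checks. It assumes result lines of the form "[WARN] 1.1.3 - description", optionally wrapped in ANSI colour codes; the sample report and the BENCH_LOG variable are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the docker-bench-security repo).
# Assumed line format: "[WARN] 1.1.3 - description", optionally ANSI-coloured.

# Remove ANSI colour escapes so status tags can be matched as plain text.
strip_ansi() { sed "s/$(printf '\033')\[[0-9;]*m//g"; }

# Print "STATUS count" per status, counting only lines that carry a check ID.
count_by_status() {
    strip_ansi | awk '
        $1 ~ /^\[(PASS|WARN|INFO|NOTE)\]$/ && $2 ~ /^[0-9]+(\.[0-9]+)*$/ {
            n[substr($1, 2, 4)]++
        }
        END { for (s in n) print s, n[s] }' | sort
}

# Print "ID<TAB>description" for each WARN check; detail lines have no ID.
list_warnings() {
    strip_ansi | awk '$1 == "[WARN]" && $2 ~ /^[0-9]+(\.[0-9]+)*$/ {
        id = $2
        sub(/^\[WARN\] +[0-9.]+ +- +/, "")
        print id "\t" $0
    }'
}

# Print "section: count" of WARN checks per top-level section number.
warnings_per_section() {
    list_warnings | cut -f1 | cut -d. -f1 | sort -n | uniq -c |
        awk '{ print $2 ": " $1 }'
}

# Constructed sample report; IDs and wording are illustrative only.
sample_output() {
    printf '%b\n' \
        '\033[1;34m[INFO]\033[0m 1 - Host Configuration' \
        '\033[1;32m[PASS]\033[0m 1.1.2 - Ensure only trusted users control the daemon' \
        '\033[1;31m[WARN]\033[0m 1.1.3 - Ensure auditing is configured for the daemon' \
        '\033[1;31m[WARN]\033[0m 1.1.4 - Ensure auditing is configured for Docker files' \
        '\033[1;34m[INFO]\033[0m 2 - Docker daemon configuration' \
        '\033[1;31m[WARN]\033[0m 2.2 - Ensure traffic is restricted between containers' \
        '\033[1;32m[PASS]\033[0m 2.3 - Ensure the logging level is set to info' \
        '\033[1;31m[WARN]\033[0m 4.1 - Ensure a user for the container has been created' \
        '\033[1;31m[WARN]\033[0m      * Running as root: web'
}

# BENCH_LOG (hypothetical variable) points at a saved report, if any.
report() { if [ -n "${BENCH_LOG:-}" ]; then cat "$BENCH_LOG"; else sample_output; fi; }

report | count_by_status
report | warnings_per_section
report | list_warnings
```

To summarise a real run, save the console output with `sudo ./docker-bench-security.sh | tee bench.out` and set BENCH_LOG=bench.out before running the script.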
It is also possible to target certain aspects of a Docker deployment, such as doing a targeted scan of the Docker host configurations.
To do this run the script with the following switches:
This command runs checks against the Docker host itself.
sudo ./docker-bench-security.sh -c host_configuration
The other targeted tests are shown below. Just substitute the test name into the above command.