2. Saiyam Pathak
• Twitter - @saiyampathak
• Blog – https://medium.com/@saiyampathak
• Docker Bangalore Community Leader
• Rancher and Influx Bangalore Meetup Organizer
• Influx ACE
• Rancher Trusted Hands member
• Kubernetes Member
• CNCF Ambassador
3. Why Docker?
You can get attacked, but then you can respawn the container
You can get attacked, but the attacker ends up with limited functionality
No more "runs on my machine"
Open source
VMs are too large to run
Microservices love containers
It's all in one (developers + ops + security)
4. Different security aspects
Before pulling the image
Pulling the image
Before starting the container
Runtime Security
Docker daemon security
Host VM security
Security patching
Updating docker images
5. Security Tips
Never run as root or privileged
Scan the containers
Limit memory
Limit CPU
Limit restarts
Limit volume permissions
Limit capabilities - drop all privileges and add back just the ones you need
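The runtime tips above can be checked against `docker inspect` output. The following is an added example, not code from the talk: the two sample containers are constructed, and treating every read-write mount as a finding is this example's reading of "limit volume permissions". Image scanning is not visible in inspect data and is not covered.

```python
import json

# Constructed sample in the shape of `docker inspect` output (not from the talk).
SAMPLE_INSPECT = json.loads("""
[
 {"Name": "/web-loose",
  "Config": {"User": ""},
  "HostConfig": {"Privileged": true, "Memory": 0, "NanoCpus": 0, "CpuQuota": 0,
                 "RestartPolicy": {"Name": "always", "MaximumRetryCount": 0},
                 "CapDrop": null, "CapAdd": null},
  "Mounts": [{"Destination": "/data", "RW": true}]},
 {"Name": "/web-tight",
  "Config": {"User": "1000:1000"},
  "HostConfig": {"Privileged": false, "Memory": 268435456, "NanoCpus": 500000000,
                 "CpuQuota": 0,
                 "RestartPolicy": {"Name": "on-failure", "MaximumRetryCount": 3},
                 "CapDrop": ["ALL"], "CapAdd": ["NET_BIND_SERVICE"]},
  "Mounts": [{"Destination": "/data", "RW": false}]}
]
""")

def audit(container):
    """Return the tips from the slide that one inspected container violates."""
    cfg, host = container.get("Config", {}), container.get("HostConfig", {})
    findings = []
    # An empty User means the container runs with the default user, which is root.
    user = (cfg.get("User") or "").split(":")[0]
    if user in ("", "0", "root"):
        findings.append("runs as root")
    if host.get("Privileged"):
        findings.append("privileged")
    if not host.get("Memory"):  # 0 bytes means unlimited
        findings.append("no memory limit")
    if not (host.get("NanoCpus") or host.get("CpuQuota")):
        findings.append("no CPU limit")
    restart = host.get("RestartPolicy") or {}
    name = restart.get("Name") or "no"
    if name in ("always", "unless-stopped") or (
            name == "on-failure" and not restart.get("MaximumRetryCount")):
        findings.append("unlimited restarts")
    for mount in container.get("Mounts") or []:
        if mount.get("RW"):
            findings.append(f"writable mount {mount.get('Destination')}")
    if "ALL" not in [c.upper() for c in host.get("CapDrop") or []]:
        findings.append("capabilities not dropped")
    return findings

if __name__ == "__main__":
    for c in SAMPLE_INSPECT:
        print(c["Name"], audit(c) or "ok")
```

To audit real containers, replace `SAMPLE_INSPECT` with the parsed JSON that `docker inspect` prints for the container IDs of interest.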