This document discusses Docker security. It begins by introducing Docker and containers, then covers securing Docker images through signing and scanning. It discusses how Docker uses namespaces and cgroups for isolation. It also addresses securing the Docker daemon and containers, as well as operational concerns around deployment, networking, monitoring, and logging of containers. It concludes by looking at future directions like unikernels and serverless architectures.