Blog and Research

Security Tools

  • docker-bench-security - The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
  • dockscan - dockscan is a security vulnerability and audit scanner for Docker installations.
  • drydock - drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates.
  • clair - Clair is an open source project for the static analysis of vulnerabilities in application containers (currently including appc and docker).
  • dive - A tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image.
  • dockerrootplease - Gives you root on the host OS if you’re a member of the ‘docker’ group.
  • BOtB - A container analysis and exploitation tool for pentesters and engineers.
  • docker-security-checker - The SensioLabs Security Checker is a command line tool that checks if your application uses dependencies with known security vulnerabilities.