A big part of any organization’s risk assessment process is to be aware of and gain visibility into vulnerabilities in the software being used. From an attacker’s point of view, having known vulnerabilities is akin to leaving the organization’s doors and windows wide open. Vulnerability scans are there to ensure that no such doors or windows are left open by mistake. This page gathers resources about the importance of container vulnerability scanning, including information on various vulnerability scanners.
Below we have compiled publicly available sources from around the world that present views on Container Vulnerability Scanning.

Perspectives on Container Vulnerability Scanning

Docker Vulnerability Scanning

Specific Technologies


Further Reading

  • Container Security Best Practices: When containerization is implemented with good security practices, containers can offer better application security than a VM-only solution. This is because there is an opportunity for the container to be an additional boundary between an application exploit occurring and the attacker getting access to the host. This page gathers resources about basic tips and best practices for securing containers.
  • Containers for DevSecOps: DevSecOps is an extension of the DevOps concept that emphasizes the integration of security teams into continuous delivery workflows. This page gathers resources about how DevSecOps makes for more efficient and secure containers.
  • Container Vulnerabilities and Threats: While containers are driving evolution in the management of network applications, they are still vulnerable despite being self-contained. This page gathers resources about container vulnerabilities like 'Dirty Cow' and 'Escape Vulnerability', including tips on how to secure containers from cyber threats.
  • Container Vulnerability Scanning: A big part of any organization’s risk assessment process is to be aware of and gain visibility into vulnerabilities in the software being used. From an attacker’s point of view, having known vulnerabilities is akin to leaving the organization’s doors and windows wide open. Vulnerability scans are there to ensure that no such doors or windows are left open by mistake. This page gathers resources about the importance of container vulnerability scanning including information on various vulnerabil
  • Container Secrets Management: In computing as in real life, a secret is information you want kept private, outside of the people and systems you want or need to share it with. In the application security realm, common examples of secrets are passwords, tokens, and private keys. This page gathers resources about managing secrets in containers including Docker containers, Amazon EC2 Container Service, Kubernetes and more.
  • Container Access Control: The wide adoption of containers and the ability to retrieve images from different sources impose strict security constraints. Containers leverage Linux kernel security facilities, such as namespaces, cgroups and Mandatory Access Control. This page gathers resources about container access control - deciding and enforcing who gets access to which container resources.
  • Container Audits and Compliance: Security and compliance are top of mind for IT organizations. In a technology-first era rife with cyber threats, it is important for enterprises to have the ability to deploy applications on a platform that adheres to stringent security baselines. This page gathers resources about audits and compliance of containers and their relationship to security.
