by Jeremy Valance | Nov 8, 2018 | Blog
Previously, in our Docker Security Best Practices series, we took a deeper look into Docker Image security, and what best practices to follow. This post will continue the series, focusing on Docker container runtime, the challenges that come with securing them, and what countermeasures can be taken to achieve a better container runtime security stance. Left out from this discussion will be any considerations that touch on host or static image security.
by Jeremy Valance | Oct 31, 2018 | Blog
Previously, in our Docker Security Best Practices series, we took a deeper look into Securing the Docker Host, and what best practices to follow. This post will continue the series, focusing on Docker images, the challenges that come with securing these artifacts, and what countermeasures can be taken to achieve a better container image security stance. Left out from this discussion will be any considerations that touch on host or runtime security.
by Jeremy Valance | Oct 24, 2018 | Blog
A short while ago we published a blog on Docker security called Docker Security Best Practices: Part 1. We structured it by briefly discussing a comprehensive approach to security the entire container stack from top to bottom. This involves securing the underlying host operating system, the container images themselves, and the container runtime. In this post, we will discuss securing the host operating system in a bit more detail. In short, containerized applications are only as secure as the underlying host, as containers share the operating system kernel. There are some important operating system security best approaches that will strength this layer of the container stack and improve the overall security posture.
by Jeremy Valance | Oct 10, 2018 | Blog
Container security has been one of the hottest topics in the industry as of late, but what does “container security” really mean. Does it mean ensuring your images don’t have vulnerabilities in them? We think true container security involves a much more comprehensive approach including securing the entire container stack from top to bottom.
by Jeremy Valance | Oct 3, 2018 | Blog
This will walkthrough integrating Anchore scanning into a Codeship pipeline. During the first step, a Docker image will be built from a Dockerfile. Following this, during the second step Anchore will scan the image, and depending on the result of the policy evaluation, proceed to the final step. During the final step the built image will be pushed to a Docker registry.
