Securing Docker

Follow these guidelines to secure the Docker container during product deployment.

  1. Update the Host and Docker
  2. Do not Expose the Docker Daemon Socket
  3. Run the Docker Container as a Non-root User
  4. Limit Capabilities
  5. Add "--no-new-privileges" flag
  6. Disable Inter-Container Communication (--icc=false)
  7. Use Linux Security Module (seccomp, AppArmor, or SELinux)
  8. Limit Resources (memory, CPU, file descriptors, processes, restarts)
  9. Set Filesystem and Volumes to Read-only
  10. Use Static Analysis Tools
  11. Set the Logging Level to at least INFO
  12. Lint the Dockerfile at Build Time
  13. Docker Security Operations - Docker Swarm Configuration
  14. Run the Docker Daemon as a Non-root User (Rootless mode)