Static Security Analysis of Container Images with CoreOS Clair
Container security is (or should be) a concern to anyone running software on Docker Containers. Gone are the days when running random Images found on the internet was common place. Security guides for Containers are common now: examples from Microsoft and others can be found easily online.
The two leading Container Orchestrators also offer their own security guides: Kubernetes Security Best Practices and Docker security.
Container Image Origin
One of the single biggest factors in Container security is determined by the origin of container Images:
- It is recommended to run your own private Registry to distribute Images
- It is recommended to scan these Images against known vulnerabilities.