Docker security reporting
by Scott Gallagher, Allan Espinosa, Russ McKendrick, Santosh Kumar Konduri, Vaibhav
Docker: Creating Structured Containers
- Docker
- Table of Contents
- Docker
- Meet Your Course Guide
- 1. Course Module 1: Learning Docker
- 1. Getting Started with Docker
- An introduction to Docker
- Docker on Linux
- Differentiating between containerization and virtualization
- Docker networking/linking
- Installing Docker
- Downloading the first Docker image
- Running the first Docker container
- Running a Docker container on Amazon Web Services
- Troubleshooting
- 2. Up and Running
- Docker terminologies
- Docker commands
- The daemon command
- The version command
- The info command
- The run command
- The search command
- The pull command
- The start command
- The stop command
- The restart command
- The rm command
- The ps command
- The logs command
- The inspect command
- The top command
- The attach command
- The kill command
- The cp command
- The port command
- Running your own project
- Dockerfile
- 3. Container Image Storage
- 4. Working with Docker containers and images
- 5. Publishing Images
- 6. Running Your Private Docker Infrastructure
- 7. Running Services in a Container
- 8. Sharing Data with Containers
- 9. Docker Machine
- 10. Docker Compose
- 11. Docker Swarm
- 12. Testing with Docker
- 13. Debugging Containers
- 1. Getting Started with Docker
- 2. Course Module 2: Networking Docker
- 1. Docker Networking Primer
- 2. Docker Networking Internals
- 3. Building Your First Docker Network
- 4. Networking in a Docker Cluster
- 5. Next Generation Networking Stack for Docker – libnetwork
- 3. Course Module 3: Monitoring Docker
- 1. Introduction to Docker Monitoring
- 2. Using the Built-in Tools
- 3. Advanced Container Resource Analysis
- 4. A Traditional Approach to Monitoring Containers
- 5. Querying with Sysdig
- 6. Exploring Third Party Options
- 7. Collecting Application Logs from within the Container
- 8. What Are the Next Steps?
- 4. Course Module 4: Securing Docker
- 1. Securing Docker Hosts
- 2. Securing Docker Components
- 3. Securing and Hardening Linux Kernels
- 4. Docker Bench for Security
- Docker security – best practices
- Docker – best practices
- CIS guide
- The Docker Bench Security application
- Running the tool
- Understanding the output
- Understanding the output – host configuration
- Understanding the output – the Docker daemon configuration
- Understanding the output – the Docker daemon configuration files
- Understanding the output – container images and build files
- Understanding the output – container runtime
- Understanding the output – Docker security operations
- 5. Monitoring and Reporting Docker Security Incidents
- 6. Using Docker's Built-in Security Features
- 7. Securing Docker with Third-Party Tools
- 8. Keeping up Security
- 5. Course Module 5: Mastering Docker
- 1. Docker in Production
- 2. Shipyard
- 3. Panamax
- 4. Tutum
- 5. Advanced Docker
- A. Reflect and Test Yourself! Answers
- Module 1: Learning Docker
- Chapter 1: Getting Started with Docker
- Chapter 6: Running Your Private Docker Infrastructure
- Chapter 7: Running Services In a Container
- Chapter 8: Sharing Data with Containers
- Chapter 9: Docker Machine
- Chapter 10: Orchestrating Docker
- Chapter 11: Docker Swarm
- Chapter 12: Testing with Docker
- Chapter 13: Debugging Containers
- Module 2: Networking Docker
- Module 3: Monitoring Docker
- Module 4: Securing Docker
- Chapter 2: Securing Docker Components
- Chapter 3: Securing and Hardening Linux Kernels
- Chapter 4, Docker Bench for Security
- Chapter 5, Monitoring and Reporting Docker Security Incidents
- Chapter 6, Using Docker's Built-in Security Features
- Chapter 7, Securing Docker with Third-party Tools
- Chapter 8, Keeping up Security
- Module 5: Mastering Docker
- Module 1: Learning Docker
- B. Bibliography
- Index
Reporting Docker security issues is just as important as monitoring security issues with regards to Docker. While it is important to report these issues, there are certain standards that you should follow when you find security issues and are going to, hopefully, report them.
When disclosing security-related issues, not only for Docker, but for any product out there, there is a term called responsible disclosure that everyone should follow. Responsible disclosure is an agreement that allows the developer or maintainer of the product ample time to provide a fix for the security issue before disclosing the issue to the general public.
To learn more about responsible disclosure, you can visit https://en.wikipedia.org/wiki/Responsible_disclosure.
Remember to put yourself in the shoes of the group that is responsible for the code. If it were your code, wouldn't you want someone to give you a notice of a vulnerability so that you had ample time to fix the issue before it was disclosed, causing widespread panic and flooding the inbox with e-mails from the masses.
Currently, the method for reporting security issues is to e-mail the Docker security team and give them as much information as you can provide about the security issue. While these are not the exact items that Docker might recommend, there are general guidelines that most other security professionals like to see when reporting security issues, such as the following:
- Product and version, where the security issue was discovered
- Method to reproduce the issue
- Operating system that was being used at the time, plus the version
- Any additional information you can provide
Remember, the more information you provide from the beginning, the quicker the team has to react from their end by being on top of the issue and attack it more aggressively from the start.
To report a security issue for any Docker-related product, make sure to e-mail any information to <[email protected]>
-
No Comment