CIS guide

The CIS guide is a document (https://benchmarks.cisecurity.org/tools2/docker/cis_docker_1.6_benchmark_v1.0.0.pdf) that walks through each part of a Docker environment and explains how to configure it securely. We will cover these parts in the following sections.

Host configuration

This part of the guide covers the configuration of your Docker hosts, the machines on which all your containers run. Keeping them secure is therefore of the utmost importance: the host is the first line of defense against attackers.

Docker daemon configuration

This part of the guide covers securing the running Docker daemon. Every change to the daemon's configuration affects each and every container on the host. These are the switches you can pass to the Docker daemon that we saw previously, and items you will see in the following section when we run through the tool.
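As an added example (not code from the CIS guide or from Docker), the following audits a daemon.json document for a few of the daemon-level settings the guide is concerned with: a TCP listener without TLS client verification, inter-container communication left enabled, insecure registries, and a log level other than info. The two daemon.json documents are constructed for this example; the keys read are real daemon.json keys, but which values count as a finding is this example's own selection.

```python
import json

# Constructed sample daemon.json documents (not taken from the CIS guide
# or any real host). The first is deliberately weak; the second is the
# hardened counterpart.
WEAK_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
  "icc": true,
  "insecure-registries": ["registry.example.internal:5000"],
  "log-level": "debug"
}
"""

HARDENED_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
  "tlsverify": true,
  "tlscacert": "/etc/docker/ca.pem",
  "tlscert": "/etc/docker/server-cert.pem",
  "tlskey": "/etc/docker/server-key.pem",
  "icc": false,
  "log-level": "info"
}
"""


def audit_daemon_config(text):
    """Return a list of findings for one daemon.json document.

    The keys read here (hosts, tlsverify, icc, insecure-registries,
    log-level) are real daemon.json keys; which values count as a
    finding is this example's own selection.
    """
    cfg = json.loads(text)
    findings = []

    # A TCP listener without TLS client verification hands the daemon
    # (and therefore root on the host) to anyone who can reach the port.
    tcp_listeners = [h for h in cfg.get("hosts", []) if h.startswith("tcp://")]
    if tcp_listeners and not cfg.get("tlsverify", False):
        findings.append("TCP listener(s) %s without tlsverify" % ", ".join(tcp_listeners))

    # icc defaults to true, so a missing key is the same as "icc": true.
    if cfg.get("icc", True):
        findings.append("inter-container communication (icc) is enabled")

    if cfg.get("insecure-registries"):
        findings.append("insecure registries configured: %s"
                        % ", ".join(cfg["insecure-registries"]))

    # The guide's recommended daemon log level is info.
    if cfg.get("log-level", "info") != "info":
        findings.append("log-level is %r, not 'info'" % cfg["log-level"])

    return findings


if __name__ == "__main__":
    for label, doc in (("weak", WEAK_DAEMON_JSON), ("hardened", HARDENED_DAEMON_JSON)):
        print(label, audit_daemon_config(doc) or ["no findings"])
```

Run it against your own daemon.json by reading the file and passing its contents to audit_daemon_config; the same switches can be given on the daemon command line instead, and the two sources must agree or the daemon refuses to start, so check whichever one your host actually uses.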

Docker daemon configuration files

This part of the guide deals with the files and directories that the Docker daemon uses, from their permissions to their ownership. These files may hold information you don't want others to see, sometimes stored in plain text.
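As an added example (not code from the CIS guide or from Docker), the following checks the owner and permission bits of the daemon's files and directories on a Linux host. The list of paths and the most permissive mode accepted for each are this example's own assumptions for a typical systemd-based install; make_sample and current_user exist only so the check can be tried on a constructed temporary file without touching the real daemon files.

```python
import os
import pwd
import stat
import tempfile


def _owner_name(uid):
    """Resolve a uid to a user name, falling back to the number."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return str(uid)


def check_file(path, max_mode, expected_owner="root"):
    """Check one Docker file or directory for owner and permissions.

    max_mode is the most permissive mode accepted for the path (for
    example 0o644). Any permission bit set on the file that is clear
    in max_mode is a finding, as is a wrong owner. A path that does not
    exist is skipped: daemon.json, for instance, is optional.
    """
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return []
    findings = []
    owner = _owner_name(st.st_uid)
    if owner != expected_owner:
        findings.append("%s: owned by %s, expected %s" % (path, owner, expected_owner))
    mode = stat.S_IMODE(st.st_mode)
    if mode & ~max_mode:
        findings.append("%s: mode %04o is more permissive than %04o" % (path, mode, max_mode))
    return findings


# Assumed Linux locations of the daemon's files and the most permissive
# mode this example accepts for each; adjust the paths to your
# distribution. The Docker socket is root:docker with mode 660 by design.
DOCKER_FILES = {
    "/etc/docker": 0o755,
    "/etc/docker/daemon.json": 0o644,
    "/lib/systemd/system/docker.service": 0o644,
    "/lib/systemd/system/docker.socket": 0o644,
    "/var/run/docker.sock": 0o660,
}


def audit_docker_files(files=DOCKER_FILES, expected_owner="root"):
    """Run check_file over every configured path and flatten the findings."""
    findings = []
    for path, max_mode in files.items():
        findings.extend(check_file(path, max_mode, expected_owner))
    return findings


def current_user():
    """Name of the user running this script, for offline trials."""
    return _owner_name(os.getuid())


def make_sample(mode):
    """Create a constructed temporary file with the given mode; return its path."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    os.chmod(path, mode)
    return path


if __name__ == "__main__":
    for line in audit_docker_files() or ["no findings"]:
        print(line)
```

The mode test is a bitwise one rather than a numeric comparison: 0o600 passes a 0o644 ceiling, but 0o604 fails it, because the world-readable bit is set even though 0o604 is numerically smaller than 0o644.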

Container images/runtime

This part of the guide covers both securing the container images and securing the container runtime.

The first part covers images: the base images and the build files used to create them. You need to be sure about the images you use, not only your base images but every image in your Docker environment. This section of the guide covers the items you should follow when creating your own base images to ensure they are secure.

The second part, the container runtime, covers a lot of security-related items. You have to take care with the runtime options you provide: in some cases, what you intend as a convenience, an attacker can turn to their advantage. Exposing too much in a container can compromise the security not only of that container, but also of the Docker host and the other containers running on it.
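As an added example (not code from the CIS guide or from Docker), the following reads the JSON that docker inspect emits and flags runtime settings that expose the host or other containers: a privileged container, a shared host network or PID namespace, a bind mount of the Docker socket or of a sensitive host directory, added kernel capabilities, and a writable root filesystem. The two inspect documents are constructed and trimmed to the fields read here; the field names are the real ones docker inspect uses, but the selection of checks is this example's own.

```python
import json

# Constructed `docker inspect` output, trimmed to the HostConfig fields
# this example reads; it was not captured from a real host.
RISKY_INSPECT = """
[{
  "Id": "constructed-id-1",
  "Name": "/build-agent",
  "HostConfig": {
    "Privileged": true,
    "NetworkMode": "host",
    "PidMode": "",
    "Binds": ["/var/run/docker.sock:/var/run/docker.sock", "/etc:/host-etc"],
    "CapAdd": ["SYS_ADMIN"],
    "ReadonlyRootfs": false
  }
}]
"""

SAFER_INSPECT = """
[{
  "Id": "constructed-id-2",
  "Name": "/web",
  "HostConfig": {
    "Privileged": false,
    "NetworkMode": "bridge",
    "PidMode": "",
    "Binds": ["/srv/web/static:/usr/share/nginx/html:ro"],
    "CapAdd": null,
    "ReadonlyRootfs": true
  }
}]
"""

# Host directories that give a container control over the host if mounted.
SENSITIVE_HOST_PATHS = ("/", "/boot", "/dev", "/etc", "/lib", "/proc", "/sys", "/usr")


def audit_inspect(text):
    """Map container name -> list of findings for `docker inspect` JSON.

    Containers with no findings are omitted. The field names are the
    real ones docker inspect emits; the selection of checks is this
    example's own.
    """
    findings = {}
    for container in json.loads(text):
        hc = container.get("HostConfig") or {}
        name = (container.get("Name") or container.get("Id", "?")).lstrip("/")
        f = []
        if hc.get("Privileged"):
            f.append("runs privileged: all capabilities and host devices")
        if hc.get("NetworkMode") == "host":
            f.append("shares the host network namespace")
        if hc.get("PidMode") == "host":
            f.append("shares the host PID namespace")
        # Binds are "src:dst" or "src:dst:options"; only the source matters here.
        for bind in hc.get("Binds") or []:
            src = bind.split(":", 1)[0]
            if src == "/var/run/docker.sock":
                f.append("mounts the Docker socket (full control of the daemon)")
            elif src in SENSITIVE_HOST_PATHS:
                f.append("mounts sensitive host path %s" % src)
        if hc.get("CapAdd"):
            f.append("adds capabilities: %s" % ", ".join(hc["CapAdd"]))
        if not hc.get("ReadonlyRootfs"):
            f.append("root filesystem is writable")
        if f:
            findings[name] = f
    return findings


if __name__ == "__main__":
    for label, doc in (("risky", RISKY_INSPECT), ("safer", SAFER_INSPECT)):
        print(label, audit_inspect(doc) or "no findings")
```

On a real host, pipe the output of docker inspect over all running containers into audit_inspect; the writable-rootfs check is the noisiest of the set and is worth treating as a lower-severity note than the others.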

Docker security operations

This part of the guide covers the security areas that involve deployment. These items are more closely tied to best practices and recommendations that should be followed.
