Understanding the output

There are three types of output that we will see:

  • [PASS]: These items are solid and good to go. They don't need any attention but are good to read to make you feel warm inside. The more of these, the better!
  • [WARN]: These are items that need to be fixed. These are the items we don't want to be seeing.
  • [INFO]: These are items that you should review and fix if you feel they are pertinent to your setup and security needs.
  • [NOTE]: These give best-practice advice.

There are six main sections that are covered in the audit:

  • Host configuration
  • Docker daemon configuration
  • Docker daemon configuration files
  • Container images and build files
  • Container runtime
  • Docker security operations

Let's take a look at what we are seeing in each section of the scan. These scan results are from a default Ubuntu Docker host with no tweaks made to the system at this point. We want to focus again on the [WARN] items in each section. Other warnings may come up when you run yours, but these will be the ones that come up most, if not for everyone, at first.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset