-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Adding pragmatic container security overview blog
- Loading branch information
1 parent
02ca9c5
commit 14570b1
Showing
3 changed files
with
88 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| <!DOCTYPE html> | ||
| <html lang="en"> | ||
| <head> | ||
| <meta charset="UTF-8"> | ||
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> | ||
| <title>doomholderz - Pragmatic Container Security Guide</title> | ||
| <link rel="stylesheet" href="../style.css"> | ||
| </head> | ||
| <body> | ||
| <div class="container"> | ||
| <h1 id="guide-to-pragmatic-container-security">Guide to | ||
| Pragmatic Container Security</h1> | ||
| <h3 id="intro">Intro</h3> | ||
| <p>This is a guide for pragmatically improving your container | ||
| security capabilities, with guidance on all tenets of container | ||
| security.</p> | ||
| <p>Great effort has been made to zero-in on the | ||
| highest-impacting controls to reduce risk associated with | ||
| container workloads, providing a practical roadmap for | ||
| implementing strong container security.</p> | ||
| <p>Each recommendation will be supplemented with: how to | ||
| implement; what risk is <em>actually</em> mitigated through | ||
| implementing; further steps you can take to mature this control | ||
| (where appropriate).</p> | ||
| <h3 id="wtf-is-container-security">WTF <em>is</em> Container | ||
| Security</h3> | ||
| <p>The <em>tl;dr</em> is that container security is our software | ||
| supply-chain security.</p> | ||
| <p>The <em>l;r</em> is that container security is the practice | ||
| of ensuring that we are:</p> | ||
| <ul> | ||
| <li>Building secure container images</li> | ||
| <li>Securing container pipelines</li> | ||
| <li>Securing container registries</li> | ||
| <li>Building and maintaining secure container deployment | ||
| environments</li> | ||
| <li>Enforcing secure container runtimes</li> | ||
| <li>Monitoring our containers for security incidents</li> | ||
| <li>Securing container orchestration tools used to manage | ||
| containers</li> | ||
| </ul> | ||
| <h3 id="how-to-use-this-guide">How to use this Guide</h3> | ||
| <p>This guide will be split into the specific domains of | ||
| container security:</p> | ||
| <ul> | ||
| <li><p>Container image security (coming later)</p></li> | ||
| <li><p>Container registry security (coming later)</p></li> | ||
| <li><p>Container runtime security | ||
| <code>(coming soon)</code></p></li> | ||
| <li><p>Container monitoring (coming later)`</p></li> | ||
| </ul> | ||
| <p>Included in each recommendation will be steps to implement | ||
| for Docker deployment of containers, and Kubernetes | ||
| deployments.</p> | ||
| <p>It’s recommended to audit your adherence to all requirements | ||
| listed, and then work through the gaps systematically. Or just | ||
| free-wheel it, different strokes I guess…</p> | ||
| </div> | ||
| </body> | ||
| </html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters