If you deal with Docker, one of the security challenges you might come across is image content security. By this I mean some way of verifying that the software in an image is:
- Free from known software vulnerabilities in the base OS
- Free from known software vulnerabilities in any added third-party packages
- Free from malicious software (backdoors, rootkits, etc.)
This is different from image integrity, which to my mind can be addressed with content trust and Notary. …
Read more at STIndustries