Understanding Container Security

This page summarizes the projects mentioned and recommended in the original post on dev.to

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
  1. docker-bench-security

    The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

    Scanning your container images for vulnerabilities is a good approach. But this scanning is not one time job, it should be done regularly (weekly, monthly, etc.) You need to follow vulnerability reports and fix all of the vulnerabilities as soon as possible. I recommend some open-source tools that could be useful: Trivy, Docker-Bench, Grype.

  2. SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  3. grype

    A vulnerability scanner for container images and filesystems

    Scanning your container images for vulnerabilities is a good approach. But this scanning is not one time job, it should be done regularly (weekly, monthly, etc.) You need to follow vulnerability reports and fix all of the vulnerabilities as soon as possible. I recommend some open-source tools that could be useful: Trivy, Docker-Bench, Grype.

  4. checkov

    Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

    For your Dockerfiles, you can also scan them. There are lots of tools that can check your Dockerfiles. They will validate if Dockerfile is compliant with Docker best practices such as not using root user, making sure a health check exists, and not exposing the SSH port. You can use Snyk and Checkov.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts

  • Mastering Managed IaC Self-Service: The Complete Guide

    1 project | dev.to | 23 Dec 2024
  • Deploying to Azure with Terraform and GitHub Actions

    2 projects | dev.to | 19 Sep 2024
  • Fastly and the Linux kernel

    26 projects | dev.to | 24 Jun 2024
  • Cloud Security and Resilience: DevSecOps Tools and Practices

    10 projects | dev.to | 1 May 2024
  • A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons

    6 projects | dev.to | 16 Apr 2024

Did you know that Shell is
the 11th most popular programming language
based on number of references?