CIS Docker Benchmark
Profile Applicability: Level 1 Description: Dockerfiles should not use package manager update instructions such as apt-get update or yum update by th...
Tue, 29 Apr, 2025 at 7:07 AM
Profile Applicability: Level 1 Description: In Docker Swarm mode, it is recommended to have at least three manager nodes for high availability and f...
Tue, 29 Apr, 2025 at 7:13 AM
Profile Applicability: Level 1 Description: In Docker Swarm, services should be bound to specific host interfaces to ensure they are only accessible...
Tue, 29 Apr, 2025 at 7:21 AM
Profile Applicability: Level 1 Description: The Docker Swarm mode uses an auto-lock feature to protect the manager node's Raft log. The auto-loc...
Tue, 29 Apr, 2025 at 7:27 AM
Profile Applicability: Level 1 Description: Docker Swarm auto-lock mode enables an additional layer of security by locking the manager nodes. When t...
Tue, 29 Apr, 2025 at 7:33 AM
Profile Applicability: Level 1 Description: Docker's secret management system ensures that sensitive data like passwords and API keys are handle...
Tue, 29 Apr, 2025 at 7:41 AM
Profile Applicability: Level 1 Description: Docker Swarm uses overlay networks to allow containers in different hosts to communicate. Ensuring that ...
Tue, 29 Apr, 2025 at 7:47 AM
Profile Applicability: Level 2 Description: Docker allows the docker exec command to execute commands in a running container. It is important to ens...
Tue, 29 Apr, 2025 at 7:55 AM
Profile Applicability: Level 2 Description: Docker exec commands should not be run with the --privileged flag, as it grants extended privileges to c...
Tue, 29 Apr, 2025 at 8:16 PM
Profile Applicability: Level 1 Description: Seccomp is a Linux kernel feature that filters system calls for processes. Docker supports seccomp profi...
Tue, 29 Apr, 2025 at 8:35 PM