Docker Bench for Security for Docker Host

Maciej
4 min read · Apr 9, 2021

The official Docker documentation has a description of Docker security.

Docker Bench for Security is provided as a tool to check this automatically, so let's take advantage of it and work toward a more secure container execution environment.

Environment

  • Ubuntu 18.04 (Vagrant)
  • Docker 20.10.3-ce

Let’s start with Docker Bench for Security

The GitHub repository explains how to run the tool using a Docker image.
However, because of how Docker works, some tests do not work when run that way, specifically the part regarding the audit system, so instead of using the Docker image, we execute the script directly.

root@vagrant:/home/vagrant# git clone https://github.com/docker/docker-bench-security.git
Cloning into 'docker-bench-security'...
remote: Enumerating objects: 2101, done.
remote: Total 2101 (delta 0)…
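
The audit-system part mentioned above depends on the host's auditd rules, which is why it needs a host-side run. The following is an added example, not code from the original article or from the docker-bench-security project: a small host-side check of the same kind that lists Docker-related paths with no audit watch rule. The path list, the sample rules and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: report Docker-related paths that have no auditd watch rule.
# DOCKER_AUDIT_PATHS is an assumed subset of host paths; adjust to your install.
DOCKER_AUDIT_PATHS="/usr/bin/dockerd /var/lib/docker /etc/docker /etc/docker/daemon.json /usr/bin/containerd /usr/bin/runc"

# missing_audit_rules RULES_TEXT
# RULES_TEXT is the text printed by `auditctl -l` on the host.
# Prints one path per line for every path that has no "-w <path>" rule.
missing_audit_rules() {
    mar_rules="$1"
    for mar_path in $DOCKER_AUDIT_PATHS; do
        # Compare the watched path field exactly, so a rule for
        # /etc/docker/daemon.json does not count as a rule for /etc/docker.
        if ! printf '%s\n' "$mar_rules" | awk -v p="$mar_path" \
            '$1 == "-w" && ($2 == p || $2 == p "/") { found = 1 }
             END { exit !found }'; then
            printf '%s\n' "$mar_path"
        fi
    done
}

# Constructed sample of `auditctl -l` output (not taken from a real host).
SAMPLE_RULES='-w /usr/bin/dockerd -p rwxa -k docker
-w /var/lib/docker -p rwxa -k docker
-w /etc/docker/daemon.json -p rwxa -k docker'

# audit_report [live]
# Without an argument the constructed sample is checked; with "live" the
# host's loaded rules are read through auditctl, which requires root.
audit_report() {
    if [ "${1:-}" = "live" ]; then
        ar_rules="$(auditctl -l 2>/dev/null)"
    else
        ar_rules="$SAMPLE_RULES"
    fi
    missing_audit_rules "$ar_rules"
}

audit_report "${1:-}"
```

Run it as root with the argument `live` to check the rules currently loaded on the host; any path it prints needs a watch rule added to the auditd configuration.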
