Docker: Security Solutions - what the safest way to secure Docker?
I work for a tech start up where VM and Docker are used for development purposes.
In a security review we were discussing how Docker could pose a serious threat if developers are using uncertified images as part of trials and testing.
Trying to balance the risk against innovation is always a risk balanced decision; however, 1 scenario which has been discussed is:
An image is download containing malicious code to enable network sniffing, i.e. setting a network card outside the container, which is part of the native Windows/Linux build, to monitor/promiscuous mode, which then sends traffic to a malicious actor.
Acknowledging native end point monitoring software will detect some suspicious activity, what are the collective thoughts around securing Docker as much as reasonably practicable without stifling innovation?