Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/bretfisher/container-security-steps

Docker and Kubernetes security steps to help you create, build, test, and run safer in containers
https://github.com/bretfisher/container-security-steps

devops devsecops docker kubernetes security-automation security-tools supply-chain-security

Last synced: 3 months ago
JSON representation

Docker and Kubernetes security steps to help you create, build, test, and run safer in containers

Awesome Lists containing this project

README 

          
# Docker and Kubernetes image and container security *better* practices



A talk on tools and processes that will improve your security posture. Meant for mere mortals. Achievable by those doing *solo DevOps*.



First given at [Civo Navigate 2023](https://www.civo.com/navigate) with the title "Real-world container & image security: Present and future."



## This repo



FORTHCOMING AFTER CIVO NAVIGATE IN FEBUARY 2023. Get on [my newsletter](https://www.bretfisher.com/newsletter) to get my updates on this and everything I create.



## History of my rants about securing your containers (and code)



* Starting in 2018, I made my "top 10" security recommendations for people starting in Docker/Kubernetes (https://github.com/BretFisher/ama/discussions/150). It's had multiple updates over the years.

* [My DockerCon 2022 talk](https://github.com/bretfisher/nodejs-rocks-in-docker) mainly was a rant about default base images for languages. I picked Node.js. I tried to be nice.

* This repo tries to sum up this topic in 2023 for the "average" DevOps engineer, where a lot's happening in this space.



©️ Bret Fisher. [MIT License](./LICENSE). Attribution appreciated! Made with ❤️ in Virginia.