Open AccessStatic Vulnerability Analysis of Docker Images
Author(s) -
Vipin Jain,
Balwant Singh,
Medha Khenwar,
Milind Kumar Sharma
Publication year - 2021
Publication title -
iop conference series. materials science and engineering
Language(s) - English
Resource type - Journals
eISSN - 1757-899X
pISSN - 1757-8981
DOI - 10.1088/1757-899x/1131/1/012018
Subject(s) - microservices , container (type theory) , computer security , devops , computer science , vulnerability (computing) , reliability (semiconductor) , host (biology) , software , cloud computing , operating system , engineering , mechanical engineering , ecology , power (physics) , physics , quantum mechanics , biology
Many organizations are renovating their businesses by grasping DevOps, microservices, and container technologies. Docker is emerged as a new technology, proving an efficient means to develop and deploy applications. Docker containers are created by images to run an application with all its dependencies so that it could run isolated from other processes. Security is always being a foremost concern as our industries are already persistent to improve the reliability and efficiency of new software applications. Security of local Docker containers from the attacks of malicious containers, perceived threats present in Docker images need to be detected and the risks identified when instances of Docker containers run on the host machine. This paper reviews Docker’s existing security mechanisms, vulnerabilities, threats and the related tools required for static security analysis.