Static Vulnerability Analysis of Docker Images
Vipin Jain, Baldev Singh, Medha Khenwar, Milind Kumar Sharma
Abstract
Abstract Many organizations are renovating their businesses by grasping DevOps, microservices, and container technologies. Docker is emerged as a new technology, proving an efficient means to develop and deploy applications. Docker containers are created by images to run an application with all its dependencies so that it could run isolated from other processes. Security is always being a foremost concern as our industries are already persistent to improve the reliability and efficiency of new software applications. Security of local Docker containers from the attacks of malicious containers, perceived threats present in Docker images need to be detected and the risks identified when instances of Docker containers run on the host machine. This paper reviews Docker’s existing security mechanisms, vulnerabilities, threats and the related tools required for static security analysis.