Presents you don't want - Malicious images on Docker Hub
Slides from a talk presented at Docker meetup London in July 2018 about a recent wave of malicious images containing backdoors & crypto-mining software being published on Docker Hub.
unknown image is like running unknown code - Possibly giving someone access to your host - Access to your network - Cloud - permissions associated with instances
- Run with minimal set of privileges, no root - Run with resource limitations - Read-only fs - Network segmentation, no outbound traffic - Runtime security - Sysdig Falco (https://github.com/draios/falco/)