Tagged articles

12 articles

Page 1 of 1

Oct 18, 2025 · Information Security

Master Container Security: Complete Guide to Image Scanning and Zero‑Trust Runtime Protection

This comprehensive guide walks you through securing container workloads by defining applicable scenarios, setting up prerequisites, installing Trivy and Falco, hardening Dockerfiles, integrating CI/CD scanning and signing, configuring Kubernetes security contexts, network policies, pod security admission, runtime protection, Harbor registry hardening, regular scanning, monitoring, troubleshooting, and best‑practice recommendations.

Container SecurityKubernetesZero Trust

0 likes · 32 min read

Master Container Security: Complete Guide to Image Scanning and Zero‑Trust Runtime Protection

MaGe Linux Operations

Jul 9, 2025 · Cloud Native

Master Kubernetes Production Security: Essential Practices & Configurations

This guide walks operations engineers through a comprehensive, layered security model for production Kubernetes clusters, covering cluster hardening, network policies, RBAC, pod security standards, image scanning and signing, runtime monitoring, key management, compliance checks, and recommended tooling.

Container SecurityKubernetesRBAC

0 likes · 13 min read

Master Kubernetes Production Security: Essential Practices & Configurations

Programmer DD

Dec 21, 2022 · Information Security

Hidden Threats in Docker Hub: 1,652 Malicious Images Uncovered by Sysdig

Sysdig’s analysis of over 250,000 public Linux images on Docker Hub revealed 1,652 images containing hidden malware, including mining tools, embedded credentials, proxy‑avoidance scripts, and malicious websites, highlighting the urgent need for robust image‑scanning and credential‑management practices.

Container SecurityDockercredential management

0 likes · 4 min read

Hidden Threats in Docker Hub: 1,652 Malicious Images Uncovered by Sysdig

DeWu Technology

Dec 9, 2022 · Information Security

Container Security: Risks and Mitigation Strategies

Container security demands vigilant mitigation of risks such as image poisoning, unsafe images, compliance violations, high‑risk vulnerabilities, and container escape by preferring official images, scanning for malware and secrets, enforcing CIS benchmarks, applying cgroup and namespace isolation, and deploying runtime detection agents on each Kubernetes node for rapid response.

Container SecurityDockerimage scanning

0 likes · 13 min read

Container Security: Risks and Mitigation Strategies

Software Development Quality

Oct 19, 2022 · Cloud Native

Top Container Registries: Compare ECR, ACR, Docker Hub, GCR, and Harbor

This guide compares the leading container registries—Amazon ECR, Azure Container Registry, Docker Hub, Google Cloud Container Registry, and Harbor—highlighting their features, management capabilities, security scanning, and integration with cloud‑native workflows.

Cloud NativeContainer RegistryDocker

0 likes · 3 min read

Top Container Registries: Compare ECR, ACR, Docker Hub, GCR, and Harbor

DevOps

Aug 10, 2022 · Information Security

Container Image Security: Pain Points, Scanning Solutions, and Trivy Integration in CI/CD Pipelines

This article explains the security challenges of containerized applications, compares popular image‑scanning tools, and demonstrates how to integrate the Trivy scanner into CI/CD pipelines to achieve shift‑left security and reduce production‑stage vulnerabilities.

Container SecurityShift-LeftTrivy

0 likes · 7 min read

Container Image Security: Pain Points, Scanning Solutions, and Trivy Integration in CI/CD Pipelines

Open Source Linux

Jan 7, 2022 · Information Security

Why Your Docker Images Are Bloated and Vulnerable – A Hands‑On Scan Reveals 358 Flaws

A detailed experiment scans several Docker base images, showing how default Python images contain hundreds of vulnerabilities, while slimmer or Alpine‑based images dramatically reduce the attack surface, highlighting the security trade‑offs of image bloat and the importance of careful base‑image selection.

AlpineContainer SecurityDistroless

0 likes · 13 min read

Why Your Docker Images Are Bloated and Vulnerable – A Hands‑On Scan Reveals 358 Flaws

MaGe Linux Operations

Jan 1, 2022 · Information Security

Why Your Docker Images Are Bloated with Vulnerabilities—and How to Slim Them Down

This article examines why default Docker base images often contain hundreds of vulnerabilities, compares scans of Python, Alpine, and distroless images, and offers practical strategies for reducing container size and attack surface while maintaining functionality.

AlpineContainer SecurityDistroless

0 likes · 13 min read

Why Your Docker Images Are Bloated with Vulnerabilities—and How to Slim Them Down

Cloud Native Technology Community

Aug 12, 2021 · Industry Insights

What 2021 Container Security Trends Reveal About Runtime Risks and Tool Adoption

The 2021 Sysdig report analyzes millions of containers to uncover short lifespans, shifting runtime choices, rising use of Prometheus, prevalent security misconfigurations, image‑scanning practices, and emerging threats, offering actionable insights for organizations managing cloud‑native workloads.

Cloud NativeContainer SecurityDevOps

0 likes · 13 min read

What 2021 Container Security Trends Reveal About Runtime Risks and Tool Adoption

DevOps

May 7, 2021 · Information Security

Container Image Security: Challenges, Scanning in the SDLC, and Best Practices

This article examines the growing security concerns of container images, presents alarming vulnerability statistics, explains why image scanning should be placed before image push in the CI/CD pipeline, and outlines practical best‑practice recommendations such as using lightweight base images, non‑root users, secret management, minimal packages, Dockerfile linting, and avoiding unmaintained images.

Container SecurityDevSecOpsDocker

0 likes · 14 min read

Container Image Security: Challenges, Scanning in the SDLC, and Best Practices

Full-Stack DevOps & Kubernetes

Mar 23, 2020 · Cloud Native

How to Install and Use Harbor: A Step‑by‑Step Private Docker Registry Guide

This guide walks through preparing a CentOS 7.6 host, generating self‑signed certificates, installing Docker CE, configuring a Docker registry mirror, downloading and installing Harbor, and demonstrates how to push, scan, sign, and pull images while troubleshooting common issues.

DockerHarborInstallation

0 likes · 18 min read

How to Install and Use Harbor: A Step‑by‑Step Private Docker Registry Guide

Efficient Ops

Jun 11, 2019 · Information Security

How OPPO Secures Docker at Scale: Deep Dive into Container Security Practices

This article summarizes OPPO's comprehensive Docker security strategy, covering the container ecosystem, key vulnerabilities, image and runtime protection, Kubernetes hardening, deep image scanning, host hardening, logging, traffic analysis, and future challenges in large‑scale container deployments.

Container SecurityKubernetesOPPO

0 likes · 21 min read

How OPPO Secures Docker at Scale: Deep Dive into Container Security Practices