example_data.yml
policies:
  - title: "Ensure that a user for the container has been created (Automated)"
    description: "You should ensure that the Dockerfile for each container image contains the information: USER <username or ID>. If there is no specific user created in the container base image, then make use of the useradd command to add a specific user before the USER instruction in the Dockerfile."
    references:
      - name: CIS Docker Security Benchmark v1.3.1 \#1
        url: https://www.cisecurity.org/benchmark/docker/
      - name: SynkBlog
        url: https://snyk.io/blog/10-docker-image-security-best-practices/
  - title: "Ensure that containers use only trusted base images (Manual)"
    description: "Configure and use Docker Content trust. View the history of each Docker image to evaluate its risk, dependent on the sensitivity of the application you wish to deploy using it. Scan Docker images for vulnerabilities at regular intervals."
    references:
      - name: CIS Docker Security Benchmark v1.3.1 \#2
        url: https://www.cisecurity.org/benchmark/docker/
      - name: SynkBlog
        url: https://snyk.io/blog/10-docker-image-security-best-practices/