Δοκιμές παρείσδυσης σε περιβάλλοντα Docker Container
Docker Container penetration testing
Nowadays Docker environments are booming with over 7 million applications running on Docker and over 18 million developers choosing Docker to develop their applications. However, it is very important that in addition to all the conveniences that Docker environments provide, we should consider the risks and security challenges that we may have to face in such environments. In this paper we will look at how we can achieve higher levels of security in Docker container environments from the perspective of aggressive security and in particular penetration testing. We will look at the building blocks of Docker containers in order to learn about Docker technology to equip ourselves for the following chapters. In addition, we will look at and analyze Docker security from two perspectives, from within the containers and from the host in order to see the full spectrum of Docker security. Then, we will look at the checks we need to perform during penetration testing again from two viewpoints inside and outside of Docker containers. In addition, we will analyze useful tools that help and automate the checks we will need to perform. Finally, we will compile all the checks and actions that need to be done during a penetration test into a checklist that can be used during the process.