Docker Enhances Open Source Container Security with Signing and More

Security for Linux-based open source containers took another step forward today with Docker's announcement of new ways to verify container images' integrity with hardware signing and scan images for security vulnerabilities.

Christopher Tozzi, Contributing Editor

November 16, 2015


The security features new to Docker include:

  • Hardware-based signing via the Yubico YubiKey 4, which will provide container images with a unique signature. Users can check that signature against the signature of container images they download to ensure that the contents have not been changed.

  • Content auditing and vulnerability scanning for container images stored in official Docker repositories using Docker Content Trust, which debuted in August.

  • Granular access control in containers via a new user namespace feature.

Docker is pitching the security enhancements as a way to make containers safer — and therefore more palatable to security- and compliance-minded organizations — without interfering with the flexibility that currently helps to distinguish containers from other types of app-deployment platforms.

The news comes on the heels of CoreOS's announcement on Friday that it has launched a new open source tool, called Clair, to help container users on all Linux distributions test containers for security vulnerabilities.

Docker, which oversees development of the most popular open source container-based virtualization platform for deploying apps in the cloud, announced the security initiative at DockerCon in Barcelona on Nov. 16.


About the Author

Christopher Tozzi

Contributing Editor

Christopher Tozzi started covering the channel for The VAR Guy on a freelance basis in 2008, with an emphasis on open source, Linux, virtualization, SDN, containers, data storage and related topics. He also teaches history at a major university in Washington, D.C. He occasionally combines these interests by writing about the history of software. His book on this topic, “For Fun and Profit: A History of the Free and Open Source Software Revolution,” is forthcoming with MIT Press.
