Region

Login

Support

ThriveDX logo, clear background, web format
Contact Us

Top 10 vulnerabilities for Docker COMPOSE

Get Trained and Stay Ahead of Cybersecurity Threats with Our Vast Library of Application Security Training Content.

Get Your Free Trial
BACKEND COURSES
FRONT-END COURSES
AWS TOP 10
CLOUD & DEVOPS COURSES
MOBILE APPLICATIONS

Container Resources Limitation

Attackers can utilize various D/DoS attacks to cause an improperly managed container to exhaust its and its host machine resources.

Exposed Docker Socket

An exposed Docker socket allows an attacker to escape a container and take over the host machine.

Host Update

To prevent exploitation of known container takeover and escape vulnerabilities, updates for the Docker Engine and host machine must be implemented.

Improper Write Permissions for Volumes and Host Filesystem

Improperly configured volumes and bind mounts allow an attacker to modify and add files that the host and other containers use with malicious code and software.

Insecure Image Registries

An insecure image registry allows an attacker to pull, modify, and delete existing images, including adding malicious images with malware.

Minimal Base Image

The utilization of a minimal (slim) base is an image that has only the required dependencies and services that are required to function, which reduces the attack surface that a malicious actor can utilize. Please Note: The Unverified Container Images exercise is a prerequisite for this exercise. Please make sure you review it before beginning this exercise.

Privileged Containers

Docker provides a privileged mode, which lets a container run as a root full on the host machine; a malicious actor can exploit such a container to take over the host.

Sensitive Data Leak via Docker Images

Sensitive data such as passwords, API & encryption keys that are used by a docker image can be extracted from an image even if the data was not properly deleted during the build process.

Unsegregated Container Network

Improper management and segregation of a container network can allow a malicious actor to take over any container and machines on the same network, including the host.

Unverified Container Images

Before utilization, an unverified public base image must be scanned and reviewed to check if it contains vulnerable dependencies and malware such as backdoors, crypto miners, etc.
Back to Course Library

Ready to get started?

Experience the full Kontra platform and see what it can do for you and your team.

Get Your Free Trial
Training Solutions

For Individuals

For Universities

For Enterprise

About Us

In the News

Blog 

Events

Contact Us

Become a Partner

Hire Our Grads

Careers

 

Stay in Touch

Stay updated with news and press releases from ThriveDX

Linkedin Instagram
ThriveDX large footer logo

©2024 ThriveDX, All Rights Reserved.

Get Your Free Trial

Almost There.

Are you ready to gain hands-on experience with the IT industry’s top tools, 
techniques, and technologies?

Take the first step and download the syllabus.

Name
Address
By clicking "Request Info," I consent to be contacted by ThriveDX, including by email, calls, and text messages, (including by autodialer or prerecorded messages) about my educational interests. I understand that my consent to be contacted is not required to enroll. Msg. and data rates may apply.

Contact (212) 448-4485 for more information. I also agree to the Terms of Use and Privacy Policy.

Download Syllabus

Let’s Talk

Download Syllabus

Apprenticeship Program

Apprenticeship Program

Let’s Talk

Access our Free OWASP Top 10 for Web

Enter your information below to join our referral program and gain FREE access for 14 days

Follow the steps below to get FREE access to our OWASP top 10 for Web course for 14 days

  1. Simply copy the LinkedIn message below
  2. Post the message on your LinkedIn profile
  3. We will contact you as soon as possible on LinkedIn and send you an invite to access our OWASP Top 10 for Web course

IMPORTANT!

Make sure you confirm the tag @ThriveDX Enterprise after pasting the text below in your LinkedIn to avoid delays in getting access to the course.
tagging ThriveDX Enterprise on LinkedIn

Ready to Share?

Copy Text

Take me to now >

Contact ThriveDX Partnerships

[forminator_form id=”10629″]
Skip to content