Download
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production. The tests are all automated, and are based on the CIS Docker Benchmark v1.3.1. We are making this available as an open-source utility so the Docker community can have an easy way to self-assess their hosts and docker containers against this benchmark. We packaged docker bench as a small container for your convenience. Note that this container is being run with a lot of privilege, sharing the host's filesystem, pid and network namespaces, due to portions of the benchmark applying to the running host. The easiest way to run your hosts against the Docker Bench for Security is by running our pre-built container. Don't forget to adjust the shared volumes according to your operating system.
Features
- You have two options if you wish to build and run this container yourself
- Use Docker Build
- Use Docker Compose
- Run from your base host
- Docker bench requires Docker 1.13.0 or later in order to run
- Docker Bench for Security script will run all available CIS tests and produce logs in the log folder from current directory
Project Samples
