====================================================================
Published: 21 October 2022
Tags: containers, docker, infosec, kubernetes, node, philosophy
Mathew Duggan presents the dangers of adopting new technology without due diligence. Mathew specifically focuses on containers, explaining how they're frequently used incorrectly from a security and best practice point of view.
Some highlights:
- Don't run apps in containers as root
- If you're using Docker in production, you should really understand how permissions work on the host OS
- Use Docker Bench for Security for scanning containers to check if they're made securely and get recommendations if not
- k8s is a bad choice for most businesses