Docker security tools
Anchore Engine (container analysis and inspection)
Anchore is a tool to help with discovering, analyzing and certifying container images. These images can be stored both on-premises or in the cloud. The tooling is mainly focused on developer so that perform analysis on their container images. Typical actions include running queries, creating reports, or set up policies for a continuous integration and deployment pipeline.
Dagda (vulnerability scanner for Docker containers)
malware detection, malware scanning, vulnerability management, vulnerability scanning
The main reasons to use Dagda is the detection of vulnerable or malicious components within your containerized environment.
Docker Bench (by Aqua) (Docker security scanner)
Docker Bench is one of the tools that can be used to perform a security analysis on Docker and its configuration. It can find common configuration flaws that may impose risks to other containers or the host itself.
Docker Bench for Security (Docker security scanner)
application security, configuration audit, security assessment
Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.
bane (AppArmor profile generator)
application security, security monitoring, system hardening
Bane is a tool to create AppArmor profiles. This helps to secure applications by setting restrictions on resources they access or modify. A strict policy may help to prevent privilege escalation attacks.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.