Docker Bench (by Aqua)
Tool and Usage
Project details
- License
- Apache License 2.0
- Programming language
- Golang
- Latest release
- 0.5.0
- Latest release date
Project health
Links
 | GitHub project |
Why this tool?
Docker Bench is one of the tools that can be used to perform a security analysis on Docker and its configuration. It can find common configuration flaws that may impose risks to other containers or the host itself.
How it works
Docker Bench uses a YAML definition file to test the defined settings. When a mismatch is discovered, a related message will be displayed.
Background information
Note: there is also a Docker Bench by Docker itself (written in shell script).
Usage and audience
Docker Bench (by Aqua) is commonly used for configuration audit. Target users for this tool are auditors, developers, security professionals, and system administrators.
Features
- Command line interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
Strengths
- + The source code of this software is available
Weaknesses
- - No releases on GitHub available
Installation
Supported operating systems
Docker Bench (by Aqua) is known to work on Linux.
Docker Bench (by Aqua) alternatives
Similar tools to Docker Bench (by Aqua):
Anchore Engine
Anchore is a toolkit to perform in-depth container analysis, inspection, and controlling them. Among security scanning, it can do a wide range of functions.
Dagda
Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.
Docker Bench for Security
Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
Categories
This tool is categorized as a Docker security tool.