Docker Bench (by Aqua)
Tool and Usage
|License||Apache License 2.0|
|Latest release||0.3.0 |
Why this tool?
Docker Bench is one of the tools that can be used to perform a security analysis on Docker and its configuration. It can find common configuration flaws that may impose risks to other containers or the host itself.
How it works
Docker Bench uses a YAML definition file to test the defined settings. When a mismatch is discovered, a related message will be displayed.
Note: there is also a Docker Bench by Docker itself (written in shell script).
Usage and audience
Docker Bench (by Aqua) is commonly used for configuration audit. Target users for this tool are auditors, developers, security professionals, and system administrators.
- Command line interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
- - No releases on GitHub available
Supported operating systems
Docker Bench (by Aqua) is known to work on Linux.
Docker Bench (by Aqua) alternatives
Similar tools to Docker Bench (by Aqua):
Anchore is a toolkit to perform in-depth container analysis, inspection, and controlling them. Among security scanning, it can do a wide range of functions.
The bane tool is an AppArmor profile generator for Docker containers. It helps with creating the appropriate profile for confinement on system level.
Dagda is a security tool to perform static analysis of known vulnerabilities, malware and threats in Docker images and containers. It monitors both the Docker daemon and running containers to find anomalies and suspicious activities.
This tool page was updated at . Found an improvement? Help the community by submitting an update.
Related tool information
This tool is categorized as a Docker security tool.