Docker Introduces Multiple New Security Efforts including Project Nautilus

By CIOReview | Tuesday, January 5, 2016

FREMONT, CA: As Docker container adoption witnesses massive growth, the need to strengthen container security becomes more essential. To that end, Docker has introduced several new security-focused efforts to cope with the steady growth of containers and make them safer, reports Sean Michael Kerner for eWEEK.

Docker launches Project Nautilus, an image scanning effort for Docker application images. Project Nautilus provides automated security analysis for images that are hosted on the Docker Hub image repository.

Part of Docker Content Trust leverages the open-source Notary project, and the rest relies on encryption keys. Docker has further announced support for hardware encryption with Yubico USB keys that are compliant with the FIDO Alliance Universal Second Factor (U2F) specification. The Yubico key uses a hardware-encrypted token that never reveals the private root encryption key used to sign an application image.

Nautilus performs deep content analysis, looking for vulnerabilities that are already known and found in existing Linux distribution vulnerability databases, and helps developers secure their new or existing software update systems. Docker's new security effort also aims to improve security visibility and control by supporting user namespaces, and provides control for individual applications and processes that run on Docker.

"You can give developers the most secure tools in the world, but if the tools get in the way, they won't use it and the result is unusable security, which is really not security at all. By providing usable security tools, we can move the needle on improving security for everyone," says Hykes.