Check Docker Hardening Configurations - User Guide - 2 - Cortex XPANSE - Cortex

Check Docker Hardening Configurations - User Guide - 2 - Cortex XPANSE - Cortex - Security Operations

Cortex Xpanse Expander User Guide

Product

Cortex XPANSE

Version

Creation date

2024-03-28

Last date published

2024-04-17

Category

User Guide

Solution

Cloud

Abstract

Check Docker hardening configurations on an engine by running the !DockerHardeningCheck command in the Incident/Alert War Room CLI.

Check your Docker hardening configurations on an engine by running the !DockerHardeningCheck command in the Incident/Alert War Room CLI. The results show the following:

Non-root User
Memory
File Descriptors
CPUs
PIDs

Before running the command, ensure that your engine is up and running.

Update the DockerHardeningCheck script to run on the engine.
Note
By default, the DockerHardeningScript runs on the Cortex XSOAR tenant.
1. Go to Incident Response → Automation → Scripts → DockerHardeningCheck → Settings.
2. In the Run on field select Single engine and from the drop-down list, select the engine you want to run the script.
3. Save the script.
Verify the Docker container has been hardened according to recommended settings, in the Incident/Alert War Room CLI, run the !DockerHardeningCheck command.

Note