Docker hardening guide - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Documentation

Product
Cortex XSIAM
Creation date
2024-03-06
Last date published
2024-05-22
Category
Administrator Guide
Abstract

Use the Docker Hardening Guide to configure the Cortex XSIAM settings when running Docker containers.

The following describes the engine settings we recommend for securely running Docker containers.

When editing the configuration file, you can limit container resources, open file descriptors, limit available CPU, and more. For example, add the following keys to the configuration file:

{"docker.run.internal.asuser": true,"limit.docker.cpu": true,"limit.docker.memory": true,"python.pass.extra.keys": "--pids-limit=256##--ulimit=nofile=1024:8192"}

Tip

We recommend reviewing Docker network hardening below, before changing any parameters in the configuration file.

To securely run Docker containers, we recommend to use the latest Docker version.

You can Check Docker Hardening Configurations to verify that the Docker container has been hardened according to the settings we recommend.

Note

The settings below can also be applied to Podman, with the exception of limiting available memory, limiting available CPU, and limiting PIDS.