Docker hardening guide - Administrator Guide - Cortex XSIAM - Cortex - Security Operations


Use the Docker Hardening Guide to configure the Cortex XSIAM settings when running Docker containers.

The following describes the engine settings we recommend for securely running Docker containers.

When editing the configuration file, you can limit container resources, limit open file descriptors, limit available CPU, and more. For example, add the following keys to the configuration file:

{
  "": true,
  "limit.docker.cpu": true,
  "limit.docker.memory": true,
  "python.pass.extra.keys": "--pids-limit=256##--ulimit=nofile=1024:8192"
}
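
The following Python sketch is an added example, not part of the Cortex XSIAM documentation or product: it audits the text of a configuration file for the named keys shown above and validates the limits packed into python.pass.extra.keys. It assumes, based on the example value, that "##" separates the individual Docker run arguments; the function names and sample data are constructed for illustration.

```python
import json

# Boolean keys copied from the example configuration on this page.
REQUIRED_TRUE = ("limit.docker.cpu", "limit.docker.memory")
EXTRA_KEYS = "python.pass.extra.keys"

def parse_extra_keys(value):
    """Split the '##'-joined value (assumed separator) into (flag, argument) pairs."""
    pairs = []
    for item in value.split("##"):
        if item.strip():
            name, _, arg = item.strip().partition("=")
            pairs.append((name, arg))
    return pairs

def audit(config_text):
    """Return a list of findings; an empty list means every check passed."""
    cfg = json.loads(config_text)
    findings = [f"{k} is not set to true" for k in REQUIRED_TRUE
                if cfg.get(k) is not True]  # the string "true" does not count
    pairs = parse_extra_keys(str(cfg.get(EXTRA_KEYS) or ""))

    pids = [a for n, a in pairs if n == "--pids-limit"]
    if not pids or not pids[-1].isdecimal() or int(pids[-1]) == 0:
        findings.append("--pids-limit missing or not a positive integer")

    nofile = [a[len("nofile="):] for n, a in pairs
              if n == "--ulimit" and a.startswith("nofile=")]
    if not nofile:
        findings.append("--ulimit=nofile missing")
    else:
        soft, _, hard = nofile[-1].partition(":")
        hard = hard or soft  # a single value sets both soft and hard limits
        if not (soft.isdecimal() and hard.isdecimal()) or int(soft) > int(hard):
            findings.append("--ulimit=nofile must be soft:hard with soft <= hard")
    return findings

# Constructed samples: GOOD uses the page's named keys; WEAK shows common slips
# (string instead of boolean, missing key, space instead of '##').
GOOD = ('{"limit.docker.cpu": true, "limit.docker.memory": true, '
        '"python.pass.extra.keys": "--pids-limit=256##--ulimit=nofile=1024:8192"}')
WEAK = ('{"limit.docker.cpu": "true", '
        '"python.pass.extra.keys": "--pids-limit=256 --ulimit=nofile=1024:8192"}')

if __name__ == "__main__":
    for label, text in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(label, audit(text) or "all checks passed")
```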


We recommend reviewing Docker network hardening below before changing any parameters in the configuration file.

To securely run Docker containers, we recommend using the latest Docker version.

You can check the Docker hardening configurations to verify that the Docker container has been hardened according to the settings we recommend.


The settings below can also be applied to Podman, with the exception of limiting available memory, limiting available CPU, and limiting PIDs.