The Docker update identifies secure usage of container applications with security enhancements.
Docker has released new updates of its Docker Datacenter (DDC) on 1.13 open-source and commercial container platforms.
The release comes with a selection of new features around app services, security, image distribution and usability.
In order to help safeguard container secrets such as passwords, access tokens and other privileged access information, Docker deployed its new secrets management capability, a native solution designed to strengthen the trusted delivery component of container security.
Working towards the enhancement of container security, Docker believes there are three essential components which will develop safer apps. These are usable security, trusted delivery and infrastructure independent.
Usable security works to deliver secure defaults with tooling that is native to DevOps, Trusted delivery provides all requirements for a full functioning app to ensure safe delivery.
Lastly, the Infrastructure independent function ensures all system components are in the app platform and are able to move across infrastructure without disturbance to the app.
Docker says that apps appear safer if there is standardised interface for accessing secrets. This means being able to follow security best practices such as the encryption of secrets while in transit, encrypting secrets at rest and also preventing them from being leaked when consumed.
Its secrets solution is designed for the easy usage of developers and IT operations teams to build and runs safer apps.
Docker wrote on their blog: “By integrating secrets into Docker orchestration, we are able to deliver a solution for the secrets management problem that follows these exact principles.”
Also updated within its DDC 1.13 solution, is Docker Security Scanning, which enables a binary level scanning of images and their layers. The feature works by creating a bill of materials (BOM) of users’ image, checks packages and versions against a number of CVE databases.
The BOM is then stored and checked regularly against the databases to identify and notify users of any new vulnerability that may arise.
The Docker 1.13 update was released this week and is now available for a free 30 day trial on Docker’s online container store, developed in 2016.