Tags: docker, security, kubernetes, trivy

How do I create sample security issues on Docker?


I'm trying to create an assignment for students to do that contains the following:

  1. A Docker image with issues that have to be scanned and remedied (using an open-source scanner in Kubernetes).
  2. (Maybe) A sample attack scenario that can exploit those vulnerabilities.

The problem arises when I try to find a suitable vulnerable image or create one. I cannot find a base of security issues at all. I really bent my back thinking of a suitable phrase in Google, but everything leads merely to some blog posts about how to scan an image. I expected a database that might contain multiple sec issues and what causes them. I'd also expect some way to discern which are the most popular ones.

Do you have the source I require? Maybe you can just offer me 3-4 common security issues that are good to know and educational when having your first brush with Docker? (And how to create those issues?)

The whole situation would probably have been easier if I myself had been an expert in the field, but the thing I do is also my assignment as a student. (So as students we design assignments for each other.)


Solution

  • Looks like you are looking for container security hardening and Kubernetes security options, maybe.

    You can use some tools like:

    • kubesec - Security risk analysis for Kubernetes resources
    • checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open-source packages
    • Trivy - vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    If you are looking for some questions you can set, here is a CKS (Certified Kubernetes Security) exam question:

    • There are a number of pods/containers running in the "spectacle" namespace. Identify and delete the pods which have CRITICAL vulnerabilities.

    For this, the Trivy open-source tool comes into the picture to scan the image that you will be using in the deployment on Kubernetes or Docker:

    # nginx:1.16 is the image running in the container
    trivy image --severity CRITICAL nginx:1.16

    A list of a few questions you can create a lab out of: https://github.com/moabukar/CKS-Exercises-Certified-Kubernetes-Security-Specialist/tree/main/7-mock-exam-questions
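As an added example (not from the question or the answer above), the script below automates the exam task: it lists the images running in a namespace, scans each one with Trivy, and reports which pods carry CRITICAL findings so they can be reviewed and deleted. It assumes `kubectl` and `trivy` are on PATH and that `kubectl` can reach the cluster; the namespace name `spectacle` is the one from the question.

```python
"""Find pods in a namespace whose images carry CRITICAL vulnerabilities (added example).
Assumes `kubectl` and `trivy` are on PATH and that kubectl can reach the cluster."""
import json
import subprocess

def images_by_pod(pod_list):
    """Map pod name -> sorted list of images, from `kubectl get pods -o json` output."""
    out = {}
    for pod in pod_list.get("items", []):
        spec = pod.get("spec", {})
        containers = spec.get("containers", []) + spec.get("initContainers", [])
        out[pod["metadata"]["name"]] = sorted({c["image"] for c in containers})
    return out

def critical_ids(report):
    """Collect CRITICAL IDs from a `trivy image --format json` report (no "Vulnerabilities" key means none)."""
    ids = set()
    for result in report.get("Results") or []:
        for vuln in result.get("Vulnerabilities") or []:
            if vuln.get("Severity") == "CRITICAL":
                ids.add(vuln["VulnerabilityID"])
    return sorted(ids)

def pods_with_critical(pod_list, scan):
    """Return {pod: {image: [ids]}} for pods with a CRITICAL finding; scan(image) -> Trivy report dict, run once per image."""
    cache = {}
    flagged = {}
    for pod, images in images_by_pod(pod_list).items():
        for image in images:
            if image not in cache:
                cache[image] = critical_ids(scan(image))
            if cache[image]:
                flagged.setdefault(pod, {})[image] = cache[image]
    return flagged

def scan_image(image):
    """Run Trivy on one image and parse its JSON report."""
    cmd = ["trivy", "image", "--quiet", "--severity", "CRITICAL", "--format", "json", image]
    return json.loads(subprocess.run(cmd, check=True, capture_output=True, text=True).stdout)

def main(namespace="spectacle"):
    cmd = ["kubectl", "get", "pods", "-n", namespace, "-o", "json"]
    pods = json.loads(subprocess.run(cmd, check=True, capture_output=True, text=True).stdout)
    for pod, images in pods_with_critical(pods, scan_image).items():
        for image, ids in images.items():
            print(f"{namespace}/{pod}: {image} has CRITICAL {', '.join(ids)}")
    # Review the list, then remove the affected pods: kubectl delete pod <name> -n <namespace>

if __name__ == "__main__":
    main()
```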