1.1.2 Ensure only trusted users are allowed to control Docker daemon | CIS Docker v1.5.0 L1 Linux Host OS | Unix | |
1.1.6 Ensure auditing is configured for Docker files and directories - /etc/docker | CIS Docker v1.5.0 L1 Linux Host OS | Unix | |
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/docker | CIS Docker v1.3.1 L1 Linux Host OS | Unix | |
1.1.10 Ensure auditing is configured for Docker files and directories - /etc/default/docker | CIS Docker v1.5.0 L1 Linux Host OS | Unix | |
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json | CIS Docker v1.3.1 L1 Linux Host OS | Unix | |
1.1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json | CIS Docker v1.5.0 L1 Linux Host OS | Unix | |
1.2.2 Ensure only trusted users are allowed to control Docker daemon | CIS Docker v1.2.0 L1 Linux Host OS | Unix | ACCESS CONTROL |
1.3 Harden the container host | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
1.3 Harden the container host | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
1.4 Ensure only trusted users are allowed to control Docker daemon | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | ACCESS CONTROL |
1.4 Harden the container host | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | CONFIGURATION MANAGEMENT |
1.5 Audit docker daemon | CIS Docker 1.13.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
1.5 Ensure auditing is configured for the docker daemon | CIS Docker Community Edition v1.1.0 L1 Linux Host OS | Unix | AUDIT AND ACCOUNTABILITY |
1.6 Keep Docker up to date | CIS Docker 1.6 v1.0.0 L1 Linux | Unix | SYSTEM AND INFORMATION INTEGRITY |
1.6 Only allow trusted users to control Docker daemon | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | ACCESS CONTROL |
1.6 Only allow trusted users to control Docker daemon | CIS Docker 1.12.0 v1.0.0 L1 Linux | Unix | ACCESS CONTROL |
1.13 Audit Docker files and directories - /etc/docker/daemon.json | CIS Docker 1.11.0 v1.0.0 L1 Linux | Unix | AUDIT AND ACCOUNTABILITY |
2.1 Do not use lxc execution driver | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
2.4 Do not use insecure registries | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.4 Do not use insecure registries | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND INFORMATION INTEGRITY |
2.4 Ensure Docker is allowed to make changes to iptables - daemon.json | CIS Docker v1.3.1 L1 Docker Linux | Unix | |
2.6 Ensure TLS authentication for Docker daemon is configured - tlscacert | CIS Docker v1.2.0 L1 Docker Linux | Unix | |
2.6 Ensure TLS authentication for Docker daemon is configured - tlskey | CIS Docker v1.2.0 L1 Docker Linux | Unix | |
2.14 Enable live restore | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.14 Ensure live restore is Enabled | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
2.15 Ensure live restore is enabled | CIS Docker v1.6.0 L1 Docker Linux | Unix | PLANNING, SYSTEM AND SERVICES ACQUISITION |
2.18 Disable Userland Proxy | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.8 Ensure that registry certificate file permissions are set to 444 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.10 Verify that docker-network environment file permissions are set to 644 or more restrictive | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.13 Verify that Docker server certificate key file ownership is set to root:root | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.13 Verify that docker-storage environment file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.16 Ensure that Docker socket file permissions are set to 660 or more restrictive | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.16 Ensure that the Docker socket file permissions are set to 660 or more restrictively | CIS Docker v1.3.1 L1 Docker Linux | Unix | |
3.16 Verify that Docker socket file permissions are set to 660 or more restrictive | CIS Docker 1.13.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.16 Verify that Docker socket file permissions are set to 660 or more restrictive | CIS Docker 1.12.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.19 Ensure that /etc/default/docker file ownership is set to root:root | CIS Docker Community Edition v1.1.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.20 Verify that /etc/default/docker file permissions are set to 644 or more restrictive | CIS Docker 1.11.0 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
3.23 Verify that Docker server certificate key file ownership is set to root:root | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | CONFIGURATION MANAGEMENT |
5.10 Do not use host network mode on container | CIS Docker 1.6 v1.0.0 L1 Docker | Unix | |
5.31 Ensure that the Docker socket is not mounted inside any containers | CIS Docker v1.3.1 L1 Docker Linux | Unix | |
5.32 Ensure that the Docker socket is not mounted inside any containers | CIS Docker v1.6.0 L1 Docker Linux | Unix | ACCESS CONTROL |
7.1 Ensure swarm mode is not Enabled, if not needed | CIS Docker v1.3.1 L1 Docker Linux | Unix | |
7.1 Ensure swarm mode is not Enabled, if not needed | CIS Docker v1.2.0 L1 Docker Linux | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-001940 - SELinux security options must be set on Red Hat or CentOS systems for Docker Enterprise. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | |
DKER-EE-002090 - Docker Enterprise exec commands must not be used with the user option. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-002090 - Docker Enterprise exec commands must not be used with the user option. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-005300 - Docker Enterprise server certificate key file permissions must be set to 400. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-005300 - Docker Enterprise server certificate key file permissions must be set to 400. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r2 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-005320 - Docker Enterprise socket file permissions must be set to 660 or more restrictive. | DISA STIG Docker Enterprise 2.x Linux/Unix v1r1 | Unix | CONFIGURATION MANAGEMENT |
DKER-EE-005320 - Docker Enterprise socket file permissions must be set to 660 or more restrictive. | DISA STIG Docker Enterprise 2.x Linux/Unix v2r1 | Unix | CONFIGURATION MANAGEMENT |