This is a site with some container security resources. It is (and probably always will be) a work in progress, but hopefully you’ll find some useful information. Issues and PRs welcome using the link above.
- Container Reading List
- Container Terms for Security people
- Security Terms for security people
- Container CVE List
Resources for pentesters/redteamers and people looking to get more information about the offensive side of container security. Methodologies for testing and some tooling information.
- External Attacker Checklist
- Compromised Container Checklist
- Compromised User Credentials Checklist
- Attacker Manifests
- Tools List
- Work in progress :)