This presentation extracts few points from CIS Docker 1.12 benchmark which was co-authored by me.
Ref: https://benchmarks.cisecurity.org/downloads/show-single/index.cfm?file=docker12.100
Abstract: The concept of containerization was in Linux from ages in the form of jails, zones, LXC etc. but it is since 2 years it gained tremendous recognition. The credit goes to "Docker" which made the concept of containerization very useful and handy by adding many benefits to existing container technologies. Tech giants like Redhat, Google, IBM, VMware etc. are not only the biggest contributors to this most active open source project but also major users of it. The effect of containers already impacted the virtual machine market and this impact is going to increase significantly in near future.
Security is always an important issue for any upcoming technology and Docker is no exception to it. This presentation starts with a brief introduction to containers vs. virtualization technology, Docker ecosystem and then goes in-detailed into security of “Docker Images” explaining various security issues that can happen in each stage of Docker image life cycle and how each of them can be fixed. It also provides security benchmark to enterprises/personal users who want to maintain their own in-house registry and need a security compliance set for generating/consuming/maintaining images securely.