Workload misconfigurations

Ensure that, if applicable, an AppArmor Profile is enabled (Automated)

Risk Level

Informational (4)

Platform(s)

  • N/A

Compliance Frameworks

Description

AppArmor is an effective and easy-to-use Linux application security system. It is available on some Linux distributions by default, for example, on Debian and Ubuntu.

  • Recommended Mitigation

    If AppArmor is applicable for your Linux OS, you should enable it. 1. Verify AppArmor is installed. 2. Create or import a AppArmor profile for Docker containers. 3. Enable enforcement of the policy. 4. Start your Docker container using the customized AppArmor profile. For example: docker run --interactive --tty --security-opt='apparmor:PROFILENAME' ubuntu /bin/bash. Alternatively, Docker's default AppArmor policy can be used.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.