Ensure TLS authentication for Docker daemon is configured (Automated) - Complete Cloud Security in Minutes - Orca Security

Workload misconfigurations

Ensure TLS authentication for Docker daemon is configured (Automated)

Risk Level

Informational (4)

Platform(s)

N/A

Compliance Frameworks

Docker CIS V1.3.1

Description

It is possible to make the Docker daemon available remotely over a TCP port. If this is required, you should ensure that TLS authentication is configured in order to restrict access to the Docker daemon via IP address and port.

Recommended Mitigation

review the dockerd startup options, use: 'ps -ef | grep dockerd'. Ensure that the parameters are present: --tlsverify, --tlscacert, --tlscert, --tlskey. Review the contents of /etc/docker/daemon.json to ensure these settings are in place.

See Orca in action

See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.