Haha, I bet the Docker team wishes they had a built-in 'runtime analysis capability' like in option B. That would be pretty neat, but I guess we're stuck with the good old Dockerfile for now.
D is also a good option. Ops teams often have a good understanding of the processes used in the containers they manage, making whitelisting more straightforward.
I agree with Wendell. Containers are great for whitelisting because you can easily define and control the processes that are allowed to run within them.
C seems like the best answer here. Containers are designed to be lightweight and focused, so they typically have a limited number of processes that should be running.
Marcos, 7 months ago
Alton, 7 months ago
Lelia, 6 months ago
Jovita, 6 months ago
My, 7 months ago
Telma, 7 months ago
Precious, 7 months ago
Dick, 7 months ago
Crista, 7 months ago
Elliott, 7 months ago
Alona, 7 months ago
Onita, 7 months ago
Wendell, 7 months ago
Caitlin, 7 months ago
Corinne, 7 months ago