I recently watched 2 great talks on container security by Justin Cormack from Docker at Devoxx Belgium and Adrian Mouat from Container Solutions at GOTO Stockholm . We were following many of the suggestions but there was still room for improvement. So we decided it was good time to do a security tuneup of our dockerfiles.
Official images
We’re longtime users of Alpine linux as we prefer the smaller size and reduced attack surface compared with Debian or Ubuntu based images. So we were using the official alpine image as the base for all our images. However an added benefit of the official images is that Docker have a team dedicated to keeping them up to date and following best practices.
Read more at Microscaling Systems