Docker

Build Image locally

# Build the image
docker build -t <image_name>:<tag> .

# Build the image from a Dockerfile at a specific path
docker build -t <image_name>:<tag> -f .\docker\Dockerfile .

Run images in a docker network

# Create docker network
docker network create -d bridge my-nat

# Run the image detached on the custom network, with port mapping (host 80 -> container 8000) and the current directory mounted at /app
docker run --name=server -p 80:8000 -v "$(pwd)":/app --network=my-nat -itd build

# Start a new container on the same network and get a shell in it
docker run -it --network=my-nat test /bin/bash

Push image to Docker Registry

# Generate a personal access token (PAT) at https://hub.docker.com/settings/security and enter it at the password prompt
docker login -u <username>

# Tag the local image for Docker Hub
# docker tag mylocalimage:latest darlin/dockerhub:myfirstimagepush
docker tag sslyze:1.0 akenofu/sslyze:1.0

# Push image (format: user/image:tag)
docker push akenofu/sslyze:1.0

Fix Docker Security issues

Once a list of vulnerabilities has been identified, there are a couple of actions you can take to remediate them. For example, you can:

  1. Specify an updated base image in the Dockerfile, check your application-level dependencies, rebuild the Docker image, and then push the new image to Docker Hub.
  2. Rebuild the Docker image, run an update command on the OS packages, and push a newer version of the image to Docker Hub.
  3. Edit the Dockerfile to manually remove or update specific libraries that contain vulnerabilities, rebuild the image, and push the new image to Docker Hub.

Docker Scout can provide you with concrete and contextual remediation steps for improving image security. For more information, see Docker Scout.

# Display Recommendations
docker scout recommendations

# List only the packages with high-severity vulnerabilities
docker scout cves --only-severity high --format only-packages --only-vuln-packages akenofu/sslyze:1.0

CI/CD integration is available at: GitHub - docker/scout-cli: Docker Scout CLI
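
The remediation loop above as one script, added here as an example and not part of the original notes: it rebuilds against a freshly pulled base image, scans with Docker Scout, and pushes only when no critical or high CVEs are reported. The function name `rebuild_scan_push`, the script name in the usage comment, and the critical/high threshold are assumptions.

```shell
#!/bin/sh
# Added example: rebuild, scan with Docker Scout, push only if the scan is clean.
# The function name and the critical/high threshold are assumptions.

# rebuild_scan_push <local_image:tag> <registry_repo:tag> [build_context]
# Returns 0 after a successful push, 1 on a build/scan/tag/push failure,
# 2 when Scout reports critical or high CVEs (nothing is pushed).
rebuild_scan_push() {
    local_image=$1
    remote_image=$2
    context=${3:-.}

    # --pull fetches the current base image; --no-cache forces the
    # Dockerfile's OS package update steps to run again.
    docker build --pull --no-cache -t "$local_image" "$context" || return 1

    # --exit-code makes Scout return 2 when vulnerabilities are detected.
    docker scout cves --exit-code --only-severity critical,high \
        --format only-packages --only-vuln-packages "$local_image"
    scan_rc=$?

    if [ "$scan_rc" -eq 2 ]; then
        echo "scan gate: critical/high CVEs in $local_image, not pushing" >&2
        # Print Scout's suggested base image updates for the next rebuild.
        docker scout recommendations "$local_image" >&2
        return 2
    elif [ "$scan_rc" -ne 0 ]; then
        echo "scan gate: docker scout failed (rc=$scan_rc)" >&2
        return 1
    fi

    docker tag "$local_image" "$remote_image" || return 1
    docker push "$remote_image" || return 1
}

# Run only when called with arguments, e.g.:
#   ./scan_gate.sh sslyze:1.0 akenofu/sslyze:1.0
if [ "$#" -ge 2 ]; then
    rebuild_scan_push "$@"
fi
```

A non-zero return from the function can fail a CI job directly, so a vulnerable image never reaches the registry.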