I'm looking for advice on running Docker in a high-security environment on an edge device. We're considering signing our images using Notary, which would require keeping a key on the edge device. Is this a good practice? What other considerations should we have in mind to ensure strong cybersecurity?
1 Answer
It's great that you're thinking about signing your images! However, don’t just stop there—it's crucial to understand the entire supply chain of your containers, including the code, libraries, and their vulnerability reports. You might even want to build a custom solution for better security. Also, consider employing rootless configurations and ensuring your networks are fully locked down.

Have you looked into secure boot? It could add another layer of security!
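
The hardening points raised in the answer (rootless daemon, locked-down networking, image provenance) can be checked mechanically from `docker info --format '{{json .}}'` and `docker inspect` output. The following is an added example, not part of the original answer: the JSON is constructed sample data, the `audit` function and registry name are hypothetical, and treating digest pinning as the provenance check is an assumption.

```python
# Added example: audit `docker info` / `docker inspect` JSON for the
# hardening points named above. Sample data is constructed, not captured.
import json

SAMPLE_INFO = json.loads('{"SecurityOptions": ["name=seccomp,profile=builtin", "name=cgroupns"]}')
SAMPLE_CONTAINER = json.loads("""
{
  "Name": "/sensor-agent",
  "Config": {"Image": "registry.example/sensor-agent:latest", "User": ""},
  "HostConfig": {
    "NetworkMode": "bridge",
    "Privileged": false,
    "CapDrop": null,
    "ReadonlyRootfs": false,
    "SecurityOpt": null,
    "PortBindings": {"8080/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8080"}]}
  }
}
""")

NNP_ON = ("no-new-privileges", "no-new-privileges:true", "no-new-privileges=true")

def audit(info, container):
    """Return a list of finding strings; an empty list means every check passed."""
    findings = []
    host = container.get("HostConfig", {})
    image = container.get("Config", {}).get("Image", "")
    if "name=rootless" not in (info.get("SecurityOptions") or []):
        findings.append("daemon: not running in rootless mode")
    if "@sha256:" not in image:  # assumption: policy requires digest-pinned images
        findings.append("image: referenced by mutable tag, not by digest")
    if host.get("Privileged"):
        findings.append("container: privileged mode enabled")
    if host.get("NetworkMode") == "host":
        findings.append("network: shares the host network namespace")
    for port, binds in (host.get("PortBindings") or {}).items():
        if any(b.get("HostIp") in ("", "0.0.0.0", "::") for b in binds or []):
            findings.append(f"network: {port} published on all interfaces")
    if "ALL" not in [c.upper() for c in (host.get("CapDrop") or [])]:
        findings.append("container: capabilities not dropped (no --cap-drop ALL)")
    if not any(o in NNP_ON for o in (host.get("SecurityOpt") or [])):
        findings.append("container: no-new-privileges not set")
    if not host.get("ReadonlyRootfs"):
        findings.append("container: root filesystem is writable")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_INFO, SAMPLE_CONTAINER):
        print(finding)
```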