Haha, I bet the Docker team wishes they had a built-in 'runtime analysis capability' like in option B. That would be pretty neat, but I guess we're stuck with the good old Dockerfile for now.
D is also a good option. Ops teams often have a good understanding of the processes used in the containers they manage, making whitelisting more straightforward.
I agree with Wendell. Containers are great for whitelisting because you can easily define and control the processes that are allowed to run within them.
C seems like the best answer here. Containers are designed to be lightweight and focused, so they typically have a limited number of processes that should be running.