Skip to main content

Filed under

Docker

4 entries

  1. Security·10 min read·

    Hardening Docker Containers in Your Homelab: A Defense-in-Depth Approach

    Eight security layers that stopped real attacks in homelab testing: minimal base images, user namespaces, seccomp profiles, network segmentation, and more. Defense-in-depth without Kubernetes overhead.

  2. Supply Chain·10 min read·

    NodeShield: Runtime SBOM Enforcement Stops 98% of Supply Chain Attacks

    NodeShield enforces SBOMs at runtime using CBOM policies to prevent supply chain attacks. Homelab Docker deployment guide with attack simulations, 98.3% prevention rate, and <1ms overhead.

  3. Docker·12 min read·

    Docker Runtime Security Hardening with Linux Security Modules

    Harden Docker containers using AppArmor and SELinux for isolation without orchestration overhead. LSM profiles, seccomp filters, and capability dropping at homelab scale.

  4. Container Orchestration·11 min read·

    Sandboxing Untrusted Containers with gVisor: Lessons from G-Fuzz Vulnerability Research

    Secure containers with gVisor sandboxing—prevent kernel exploits in Kubernetes clusters while managing 59% startup overhead for untrusted workloads.