Container security

Linux servers are often a base for running Docker containers and Docker orchestration tools. The container security feature is part of the real-time file system protection in ESET Server Security for Linux (ESSL).

ESSL v8.1 can detect threats or suspicious activity in a container and block them but cannot eliminate them; meaning, a suspicious script will be blocked from execution but will not be deleted. You can delete it manually.

ESET's real-time file system protection can scan the container in the following phases:

process of building the container image

deploying the container image on a machine protected by ESSL

The activity inside the container is also scanned in real-time for suspicious behavior

At ESET, we tested Docker CE (Community Edition) version 20.10.7.