Container Security Tools
Container security tools for securing Docker containers, Kubernetes clusters, and containerized applications throughout the DevOps lifecycle.
Browse 91 container security tools
FEATURED
USE CASES
Container & source code scanning for vulnerabilities, malware, and secrets
Container and Linux workload security for hybrid and multi-cloud environments
Container security platform with image scanning, admission control, and runtime
Container security platform scanning images, enforcing K8s policies & runtime threats
An educational repository providing structured lab materials and scripts for learning container technologies and their internal mechanisms.
Kubernetes security posture management with compliance monitoring and risk assessment
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
Weave Scope is a real-time visualization and monitoring tool that automatically maps Docker container infrastructures and microservices, providing interactive topology views and direct container management capabilities.
A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.
A Terraform module that provides a compliance-focused AWS EKS setup with security hardening for PCI-DSS, SOC2, and HIPAA requirements.
A command-line tool that extracts manifest and configuration data from Docker registry images for security analysis and reconnaissance purposes.
A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.
Kubernetes security platform with industry standard open source utilities for securing Kubernetes clusters and apps.
LinuxKit is a toolkit for building custom minimal, immutable Linux distributions with secure defaults for running containerized applications like Docker and Kubernetes.
minikube is a local Kubernetes cluster management tool that enables developers to run and test Kubernetes applications on their local machines across multiple operating systems.
Kubeadm is a tool for creating Kubernetes clusters with best practices.
Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.
gVisor is a Go-based application kernel that provides enhanced container isolation by implementing Linux system calls and limiting host kernel exposure through its runsc OCI runtime.
Bane is an automated AppArmor profile generator for Docker containers that simplifies the creation of security policies with file globbing support and Docker integration.
Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.
Dagda is a Docker security tool that performs static vulnerability analysis of container images and monitors running containers for malicious threats and anomalous activities.
Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.
Articles About Container Security
Tool roundups, buying guides, and strategic analysis from the CybersecTools resource library.
Container Security Tools FAQ
Common questions about Container Security tools, selection guides, pricing, and comparisons.
Key container security risks include: vulnerable base images with known CVEs, secrets embedded in container images or environment variables, misconfigured Kubernetes RBAC and network policies, container escape vulnerabilities, supply chain attacks through compromised registries, and runtime threats like cryptomining. Securing containers requires scanning images before deployment and monitoring runtime behavior.
Based on user ratings and community engagement on CybersecTools, the top-rated Container Security tools are:
Yes. Out of 24 container security tools listed on CybersecTools, 19 are free and 5 are commercial. Free tools work well for small teams, testing, and budget-conscious organizations. Commercial tools typically add enterprise features, dedicated support, and SLA guarantees.
