Docker incorporates several inherent security features that contribute to its overall security posture. When you use Docker to quickly create an environment and test some code, security is important enough (especially if you execute any , but when using Docker for production, multi-user environments, it is essential to treat the container as you would any other server environment.
The following is a list of some of the basic security principles that are baked into Docker.
This includes some of the things Docker does for your automatically, limitations around securing containers, and common attack modes. It’s a high-level overview but interesting to read.