Security in technological infrastructure. Integration of best practices for Docker environments in DevOps pipelines

Authors

  • Mary Nelsa Bonne, Universidad de las Ciencias Informáticas
  • Victor Alejandro Roque, Universidad de las Ciencias Informáticas

Keywords:

containers; Linux kernel; Docker platform; security

Abstract

The growing adoption of Docker containers has significantly improved the efficiency of software development and deployment. However, this agility entails significant security risks, such as image vulnerabilities, insecure configurations, and the lack of integration of security regulations into Continuous Integration and Delivery workflows. This research addresses the security challenges of Docker environments within DevOps pipelines, where the lack of automated integration of regulations and continuous vulnerability scanning exposes them to critical risks. An automated model is proposed that combines the CIS Docker Benchmark, OWASP Top 10, and NIST 800-53 controls, implemented using the NeuVector tool integrated into CI/CD pipelines. The findings reveal its effectiveness in strengthening security in academic and production environments, natively incorporating security into the secure software development lifecycle. Its extension to other container and orchestration technologies is recommended.

Published

2026-02-16

How to Cite

Nelsa Bonne, M., & Roque, V. A. (2026). Security in technological infrastructure. Integration of best practices for Docker environments in DevOps pipelines. Revista Cubana De Transformación Digital, 6, e380: 1–7. Retrieved from https://rctd.uic.cu/rctd/article/view/280

Section

Brief communications