Public Repository

Last pushed: 3 years ago
Short Description
Pasonaru Security Essentials - Diagnose common security issues in your containers
Full Description

What is Pasonaru Security Essentials?

Pasonaru Security Essential (PSE) is a tool for diagnosing and fixing common security problems arising when creating and maintaining containers. Use this tool to evaluate the security of the Docker containers you have deployed and to increase your knowledge about the different security aspects of Docker containers.

We support two options for running PSE. One is inside the dedicated container and another one as a standalone executable. Please find more details on both below.

If you find any issue or have a feature request, please file it in our Github repository.

How to run

docker run --pid=host -c=10 -m=4m -v=/var/run/docker.sock:/var/run/docker.sock pasonaru/pse <args>`

docker run --pid=host -it -v /var/run/docker.sock:/var/run/docker.sock --rm pasonaru/pse diagnose

CONTAINER ID CONTAINER NAME STATUS ISSUE_COUNT 4f47007af3b770db /condescending_curie Vulnerable 6 70c02847ac0cf021 /elated_tesla Vulnerable 7

Stand alone tool

It is also possible to use a stand alone tool. Please install using the following:

$ sudo curl -L -o /usr/bin/pse $ sudo chmod a+x /usr/bin/pse

Then just run the pse command.

Known issues

In case you receive the following error:

flag provided but not defined: --pid

You might be using an old docker client (version < 1.5).

As a workaround, you can remove the --pid flag but note that some diagnostics will be disabled.

For more information see [about PSE] (

Docker Pull Command