Query: 5.22 Ensure the default seccomp profile is not Disabled

Description

Seccomp filtering provides a means for a process to specify a filter for incoming system calls. The default Docker seccomp profile works on a whitelist basis and allows for a large number of common system calls, whilst blocking all others. This filtering should not be disabled unless it causes a problem with your container application usage.

Query

Tables used in this query:

• docker_container

Controls using this query:

• 5.22 Ensure the default seccomp profile is not Disabled

SQL