
V-235824

CAT II (Medium)

Docker Enterprise secret management commands must be used for managing secrets in a Swarm cluster.

Rule ID

SV-235824r961041_rule

STIG

Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000186

Discussion

Use Docker's in-built secret management commands for managing sensitive data that can be stored in key/value pairs. Examples include API tokens, database connection strings and credentials, SSL certificates, and the like.

Check Content

Ensure Docker's secret management commands are used for managing secrets in a Swarm cluster.

Refer to the System Security Plan (SSP) and verify that it includes documented processes for using Docker secrets commands to manage sensitive data that can be stored in key/value pairs. Examples include API tokens, database connection strings and credentials, SSL certificates, and the like.

If the SSP does not have this documented, then this is a finding.

Fix Text

Update the SSP so that it includes documented processes for using Docker secrets commands to manage sensitive data that can be stored in key/value pairs. Examples include API tokens, database connection strings and credentials, SSL certificates, and the like. Follow the docker secret documentation and use it to manage secrets effectively. This documentation can be found at https://docs.docker.com/engine/swarm/secrets/.