QuickFix.

Bibliography.bib

@@ -578,7 +578,7 @@
 @article{yasrab2018mitigating,
     title = {Mitigating docker security issues},
     author = {Yasrab, Robail},
-    year = {2018},
+    year = {2023},
     journal = {arXiv preprint arXiv:1804.05039},
     urldate = {2023-07-29},
 }
@@ -741,6 +741,109 @@
     urldate = {2023-08-07},
 }
 
+@article{litchfield2016virtualization,
+    title={Virtualization technology: Cross-vm cache side channel attacks make it vulnerable},
+    author={Litchfield, Alan and Shahzad, Abid},
+    journal={arXiv preprint arXiv:1606.01356},
+    year={2016},
+    urldate = {2024-02-04},
+}
+
+@inproceedings{zhang2012crossvmkeys,
+    author = {Zhang, Yinqian and Juels, Ari and Reiter, Michael K. and Ristenpart, Thomas},
+    title = {Cross-VM side channels and their use to extract private keys},
+    year = {2012},
+    isbn = {9781450316514},
+    publisher = {Association for Computing Machinery},
+    address = {New York, NY, USA},
+    url = {https://doi.org/10.1145/2382196.2382230},
+    doi = {10.1145/2382196.2382230},
+    booktitle = {Proceedings of the 2012 ACM Conference on Computer and Communications Security},
+    pages = {305–316},
+    numpages = {12},
+    keywords = {cache-based side channel, cross-vm side channel, side-channel attack},
+    location = {Raleigh, North Carolina, USA},
+    series = {CCS '12},
+    urldate = {2024-02-04},
+}
+
+@inproceedings{vmrollbackattack,
+    author = {Xia, Yubin and Liu, Yutao and Chen, Haibo and Zang, Binyu},
+    year = {2012},
+    month = {06},
+    pages = {1-5},
+    title = {Defending against VM rollback attack},
+    isbn = {978-1-4673-2264-5},
+    doi = {10.1109/DSNW.2012.6264690},
+    urldate = {2024-02-04},
+}
+
+@online{technopediaVmHopping,
+    title = {Virtual Machine Hyper Jumping},
+    author = {Margaret Rouse},
+    year = {2015},
+    url = {https://www.techopedia.com/definition/30921/virtual-machine-hyper-jumping-vm-jumping},
+    urldate = {2024-02-04},
+}
+
+@article{abusaimeh2020virtual,
+    title = {Virtual machine escape in cloud computing services},
+    author = {Abusaimeh, Hesham},
+    journal = {International Journal of Advanced Computer Science and Applications},
+    volume = {11},
+    number = {7},
+    year = {2020},
+    publisher = {Science and Information (SAI) Organization Limited},
+    urldate = {2024-02-04},
+}
+
+@online{containersVsVMs,
+    title = {A Complete Overview of Docker Architecture},
+    author = {Winnie Ondara},
+    year = {2022},
+    url = {https://www.cherryservers.com/blog/a-complete-overview-of-docker-architecture},
+    urldate = {2024-02-08},
+}
+
+@online{containerRuntime,
+    title = {What are container runtimes?},
+    author = {Nived Velayudhan},
+    year = {2021},
+    url = {https://opensource.com/article/21/9/container-runtimes},
+    urldate = {2024-02-11},
+}
+
+@online{kernexpcgroup,
+    title = {New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container},
+    author = {Ravie Lakshmanan},
+    year = {2022},
+    url = {https://thehackernews.com/2022/03/new-linux-kernel-cgroups-vulnerability.html},
+    urldate = {2024-02-11},
+}
+
+@online{dirtyPipe,
+    title = {Escaping containers using the Dirty Pipe vulnerability},
+    author = {Eric Mountain and Tommy McCormick and Christophe Tafani-Dereeper and Frederic Baguelin},
+    year = {2022},
+    url = {https://securitylabs.datadoghq.com/articles/dirty-pipe-container-escape-poc/},
+    urldate = {2024-02-11},
+}
+
+@online{dockermitm,
+    title = {Top Docker Security Vulnerabilities, Best Practices, \& Insights},
+    author = {Fortra's Alert Logic},
+    year = {2020},
+    url = {https://www.alertlogic.com/blog/top-docker-security-vulnerabilities-best-practices-insights/},
+    urldate = {2024-02-11},
+}
+
+@online{arpdocker,
+    title = {ARP Spoofing},
+    author = {Imperva},
+    url = {https://www.imperva.com/learn/application-security/arp-spoofing/},
+    urldate = {2024-02-12},
+}
+
 @online{lynis,
     title = {Lynis},
     author = {CISOfy},
@@ -748,6 +851,24 @@
 }
     urldate = {2023-12-06},
 
+@online{docker-rootless-setup,
+    title = {Docker-Rootless Full Setup},
+    author = {zerint},
+    url = {https://github.com/zerint/docker-rootless-setup},
+}
+
+@online{docksec,
+    title = {docksec},
+    author = {Ted LeRoy},
+    url = {https://github.com/TedLeRoy/docksec},
+}
+
+@online{docker-bench-security,
+    title = {Docker Bench for Security},
+    author = {Docker},
+    url = {https://github.com/docker/docker-bench-security},
+}
+
 @online{lunar,
     title = {Lunar},
     author = {Lateral Blast},
@@ -783,6 +904,12 @@
 }
     urldate = {2023-11-10},
 
+@online{portainer,
+    title = {Portainer},
+    author = {Portainer},
+    url = {https://www.portainer.io/},
+}
+
 @online{secdep,
     title = {SecDep},
     author = {konsthol},
@@ -1052,6 +1179,48 @@
     url = {https://github.com/rkt/rkt},
 }
 
+@online{snyk,
+    title = {Snyk},
+    author = {Snyk},
+    url = {https://snyk.io/},
+}
+
+@online{trivy,
+    title = {Trivy},
+    author = {Aqua Security},
+    url = {https://aquasecurity.github.io/trivy/v0.49/},
+}
+
+@online{dotenv,
+    title = {python-dotenv},
+    author = {Saurabh Kumar},
+    url = {https://github.com/theskumar/python-dotenv},
+}
+
+@online{rich,
+    title = {rich},
+    author = {Textualize},
+    url = {https://github.com/Textualize/rich},
+}
+
+@online{shtab,
+    title = {shtab},
+    author = {Iterative},
+    url = {https://github.com/iterative/shtab},
+}
+
+@online{paramiko,
+    title = {paramiko},
+    author = {paramiko},
+    url = {https://github.com/paramiko/paramiko},
+}
+
+@online{dockerCompose,
+    title = {Docker Compose},
+    author = {Docker},
+    url = {https://github.com/docker/compose},
+}
+
 inproceedings{manu2016study,
     author = {Manu, A.R. and Patel, Jitendra Kumar and Akhtar, Shakil and Agrawal, V.K. and Subramanya Murthy, K.N. Bala},
     booktitle = {2016 International Conference on Circuit, Power and Computing Technologies (ICCPCT)},