Secure MCR on Windows

Mirantis Container Runtime (MCR), which is derived from Docker Moby, is a foundational component for running containerized workloads on Windows. While containers inherently provide process isolation, additional layers of security are necessary to protect against exploitation.

The information herein places strong emphasis on the securing of both the host Windows system and the container runtime itself. Among the topics covered are Windows Group Policy configurations, OS settings that directly tie to security enhancement, and advanced runtime-specific measures.

• Safeguard the Windows host operating system
• Enhance security for MCR
• Operational best practices