Docker instances present an additional threat vector not covered by many security programs. Allowing DevOps to fully utilize the flexibility of Docker while maintaining a secure environment is a challenge faced by an increasing number of security teams. This talk focuses on developing a process for managing these containers, from initial audit to lifecycle management.