Container Security - What Are the Options?

Security is quite a big deal. I've seen people putting private keys inside of containers and on public repos. That's kind of dangerous. So what I'm working on right now is actually SecComf itself, which is allow or denying certain syscalls. But the first phase is actually going to be like this kind of not so easy to use config,. It will have different backends like using SecComf or app armor or SA Linux labels. The idea is that the same way we have like with all of us to have scopes and you allow people to do one thing or the other. And it was actually designed and inspired by the Apple APIs and also Android's APIs