You could also start by denying any outside connection to anything except private IP ranges for any Docker container, and only allow it on a need-to-have basis.
It’s not enough to rely on the good will and savvy of whoever made the software; you have to make the restrictions stick.
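
One way to make that default-deny egress stick on a Linux Docker host, as an added example that is not part of the original comment: a script that prints, without applying, `iptables` commands for Docker's `DOCKER-USER` chain. The subnet `172.17.0.0/16` (Docker's default bridge) and the allowlist entry `203.0.113.10,tcp,443` are assumed sample values, and the `egress_rules` and `emit` helpers are hypothetical names.

```sh
#!/bin/sh
# Added example: prints (does not apply) iptables commands for Docker's
# DOCKER-USER chain, which Docker evaluates before its own forwarding rules.
# Assumed/constructed values: subnet 172.17.0.0/16 (Docker's default bridge)
# and the allowlist entry 203.0.113.10,tcp,443 (a documentation address).

PRIVATE_RANGES="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"

# emit RULE...: print one insert command at the next position in the chain,
# so the rules land ahead of whatever is already in DOCKER-USER.
emit() {
    echo "iptables -I DOCKER-USER $pos $*"
    pos=$((pos + 1))
}

# egress_rules SUBNET [DEST,PROTO,PORT ...]
egress_rules() {
    subnet=$1; shift
    # Validate the whole allowlist before printing anything.
    for entry in "$@"; do
        rest=${entry#*,}; proto=${rest%%,*}; port=${rest#*,}
        case $proto in tcp|udp) ;; *) echo "bad protocol: $entry" >&2; return 1 ;; esac
        case $port in ''|*[!0-9]*) echo "bad port: $entry" >&2; return 1 ;; esac
    done
    pos=1
    # Replies on tracked connections (e.g. inbound traffic to published ports).
    emit -s "$subnet" -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN
    # Private ranges stay reachable.
    for net in $PRIVATE_RANGES; do
        emit -s "$subnet" -d "$net" -j RETURN
    done
    # Need-to-have exceptions, one rule per allowlist entry.
    for entry in "$@"; do
        dest=${entry%%,*}; rest=${entry#*,}
        emit -s "$subnet" -d "$dest" -p "${rest%%,*}" --dport "${rest#*,}" -j RETURN
    done
    # Log, then drop, everything else leaving the container subnet.
    emit -s "$subnet" -j LOG --log-prefix docker-egress-drop:
    emit -s "$subnet" -j DROP
}

egress_rules 172.17.0.0/16 203.0.113.10,tcp,443
```

These rules cover IPv4 only; a host with IPv6 enabled for containers needs the equivalent `ip6tables` rules. Containers run with host networking do not traverse the forwarding path and are not restricted by this chain.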