A method for securing execution of software containers using security profiles. The method comprises receiving an event indicating that a container image requires profiling, wherein the container image includes resources utilized to execute a corresponding application container; generating a security profile for the container image, wherein the generated security profile includes at least a system calls profile; monitoring the operation of a runtime execution of the application container; and detecting a violation of the security profile based on the monitored operation, wherein the security profile is of the container image corresponding to the application container.