diff --git a/pkg/policies/opa/rego/docker/docker_expose/AC_DOCKER_0011.json b/pkg/policies/opa/rego/docker/docker_expose/AC_DOCKER_0011.json
new file mode 100644
index 000000000..5b3474b25
--- /dev/null
+++ b/pkg/policies/opa/rego/docker/docker_expose/AC_DOCKER_0011.json
@@ -0,0 +1,17 @@
+{
+ "name": "UNIXPortsOutOfRange",
+ "file": "UNIXPortsOutOfRange.rego",
+ "policy_type": "docker",
+ "resource_type": "expose",
+ "template_args": {
+ "prefix": "",
+ "suffix": "",
+ "name": "UNIXPortsOutOfRange"
+ },
+ "severity": "HIGH",
+ "description": "Ensure range of ports is from 0 to 65535",
+ "reference_id": "AC_DOCKER_0011",
+ "category": "Infrastructure Security",
+ "id": "AC_DOCKER_0011",
+ "version": 1
+}
\ No newline at end of file
diff --git a/pkg/policies/opa/rego/docker/docker_expose/UNIXPortsOutOfRange.rego b/pkg/policies/opa/rego/docker/docker_expose/UNIXPortsOutOfRange.rego
new file mode 100644
index 000000000..24fd9994f
--- /dev/null
+++ b/pkg/policies/opa/rego/docker/docker_expose/UNIXPortsOutOfRange.rego
@@ -0,0 +1,13 @@
+package accurics
+ {{.prefix}}{{.name}}{{.suffix}}[apt.id]{
+ apt := input.expose[_]
+ conval := apt.config
+ port := split(conval, "/")
+ containsPortOutOfRange(port)
+}
+containsPortOutOfRange(ports) {
+ some i
+ port := ports[i]
+ to_number(port) > 65535
+}
\ No newline at end of file
diff --git a/pkg/policies/opa/rego/docker/docker_workdir/AC_DOCKER_0013.json b/pkg/policies/opa/rego/docker/docker_workdir/AC_DOCKER_0013.json
new file mode 100644
index 000000000..b9ede90dd
--- /dev/null
+++ b/pkg/policies/opa/rego/docker/docker_workdir/AC_DOCKER_0013.json
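Review bot: Every element of `split(conval, "/")` is fed to `to_number` in containsPortOutOfRange, including the protocol suffix of a value like `8080/tcp`, which is not a number; only the first element is the port. The rule can take that element directly — `port := split(conval, "/")[0]` followed by `to_number(port) > 65535` — and drop the helper. An EXPOSE value may also hold several space-separated ports or a `lo-hi` range, neither of which this split decomposes, and the lower bound of 0 named in the JSON description is not checked anywhere. Whether `apt.config` is the raw EXPOSE argument string cannot be seen from the hunk, so this assumes it is.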
@@ -0,0 +1,17 @@
+{
+ "name": "workdir",
+ "file": "workdir.rego",
+ "policy_type": "docker",
+ "resource_type": "workdir",
+ "template_args": {
+ "prefix": "",
+ "suffix": "",
+ "name": "workdir"
+ },
+ "severity": "HIGH",
+ "description": "Ensure the use absolute paths for your WORKDIR.",
+ "reference_id": "AC_DOCKER_0014",
+ "category": "Infrastructure Security",
+ "id": "AC_DOCKER_0014",
+ "version": 1
+}
\ No newline at end of file
diff --git a/pkg/policies/opa/rego/docker/docker_workdir/workdir.rego b/pkg/policies/opa/rego/docker/docker_workdir/workdir.rego
new file mode 100644
index 000000000..6acd21992
--- /dev/null
+++ b/pkg/policies/opa/rego/docker/docker_workdir/workdir.rego
@@ -0,0 +1,9 @@
+package accurics
+ {{.prefix}}{{.name}}{{.suffix}}[apt]{
+ apt := input.workdir[_]
+ conval := apt.config
+
+ not regex.match("(^/[A-z0-9-_+]*)|(^[A-z0-9-_+]:\\\\.*)|(^\\$[{}A-z0-9-_+].*)", conval)
+
+}
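Review bot: The file is named AC_DOCKER_0013.json but both `"reference_id"` and `"id"` read `AC_DOCKER_0014`, so the policy identifier does not match its file, unlike the AC_DOCKER_0011 pair earlier in this commit where the two agree. One side should change; if the filename is authoritative that is `"reference_id": "AC_DOCKER_0013",` and `"id": "AC_DOCKER_0013",`. The description `Ensure the use absolute paths for your WORKDIR.` also reads as a typo for `Ensure the use of absolute paths for your WORKDIR.`.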
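Review bot: The character class `[A-z0-9-_+]` used in all three alternatives of the regex is an ASCII range from `A` (65) to `z` (122), so it also admits `[`, `\`, `]`, `^` and the backtick, and a WORKDIR such as `^foo` would pass as absolute; `[A-Za-z0-9_+-]` is the intended class. The first alternative `(^/[A-z0-9-_+]*)` has no end anchor and a `*` quantifier, so it is equivalent to `^/` and accepts any value starting with a slash — possibly the intent, but worth a comment above the `regex.match` line saying so. This rule keys its result set on the whole `apt` object whereas the expose rule in this commit keys on `apt.id`; if workdir entries carry an id too, the two should agree, e.g. `{{.prefix}}{{.name}}{{.suffix}}[apt.id]{`.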