As cloud-native applications continue to proliferate, containers are becoming the preferred option to package and deploy these applications because of the agility and scalability they offer. In fact, Gartner predicts that 75% of global organizations are running containerized applications in production.
The popularity of containers has also attracted hackers looking for new ways to exploit applications. Containers expand an organization’s attack surface and increase the risk to the applications they house. A comprehensive security approach is essential to mitigate the risk to containerized applications and infrastructure.
What containers are, and what they’re not
Physical containers, originally created to ease the transportation of goods and materials on cargo ships, developed a standardized way of packing things. Whether a sports car from Italy or coffee from South Africa, they were packed and shipped the same exact way. The simplification this provided sparked an explosion in international trade and economic growth.
Likewise, a century later, when Docker engineers produced container technology for software applications, they did it for the sake of simplifying the shipping of software from the developer’s laptop to the production environment. Containers package everything an application needs to run, including libraries and system tools, into a single image that can be deployed across multiple environments—just like physical containers that are easily loaded by cranes and forklifts onto cargo ships, planes, and trains.
But this technology existed previously in the form of virtual machines. So why not stick with those? Why containers?
Containers are built as a packing tool. You can take an application and all its dependencies and put them in a container, drop it onto any system, and let it run, and it will work exactly as expected. A virtual machine, on the other hand, is a full guest operating system. It layers the application and its dependencies onto that operating system, which brings significant overhead due to hardware virtualization and other factors.
Container orchestration
Orchestration allows organizations to automate and simplify the configuring, managing, and deploying of large-scale container environments. Orchestration platforms such as Kubernetes have become the de facto standard for managing containerized applications at scale.
Many organizations have false assumptions about the security of orchestration platforms, and those assumptions can put their applications at risk. Even with third-party orchestration service providers such as Google GKE, the shared nature of the hosting responsibilities can make it difficult to understand who is responsible for securing what.
Benchmarking container security best practices
Any container security and orchestration program must take into account the security and risks of the creation and contents of the containers themselves. There are several container security best practices and criteria by which to analyze the program, including the foundational elements of host security, the platform security elements, and the elements of the container and orchestrator itself.
When addressing the security of containers and container orchestration, it’s important to take a holistic approach that encompasses the architecture, deployment, and production of your applications.
Security considerations should include
- Malicious/compromised containers
- Local network attacks
- External network attacks
- Malicious developers/users
- Configuration best practices
- Secrets management
- Container delivery
- Role-based access control analysis
- Comprehensive, context-specific attack scenario analysis
Attack scenarios to consider should include
- Malicious entities on public network
- Malicious entities on adjacent network
- Malicious insiders/developers
- Malicious/compromised application containers
- Containers to host
- Containers to network
- Containers to container
- Namespace to namespace
- Cluster to cluster
To track and organize these scenarios, it’s beneficial to create an attack matrix. The Kubernetes attack matrix, for example, includes factors such as initial access, execution, persistence, privilege escalation, defense evasion, credential access, discovery, lateral movement, and impact.
Top five risks to container security
The most common container vulnerabilities that Synopsys has encountered in our assessments are
- Container image security
- Secure defaults / hardening
- Secrets management
- Network segmentation / firewalling
- Policy enforcement
You can learn more about these vulnerabilities and container security essentials in our webinar on-demand.
How Synopsys can help
Implementing a strong container security program in your company is no easy task. You can learn more about container security best practices in our on demand webinars: Container Security Essentials, and Finding Your Way in Container Security.
Whether you’re just starting to leverage security containers or have been using them for years, creating a robust and secure container security program requires an understanding of the key features. This white paper offers a blueprint for which elements encompass secure containers and help you move your organization forward in your container security journey.
Continue Reading
