close search bar

Sorry, not available in this language yet

close language selection
«
»
 

How to think about container security

Posted by on Friday, November 16, 2018

Are you thinking about container security? Traditional application security isn’t meant for container deployments. Learn strategies for securing your containers.

Stack of cargo containers

Are you thinking about container security? Maybe not as much as you should.

Container frameworks are incredibly popular because they can simplify and accelerate deployment times by packaging operating system components, applications, and all dependencies into layers within an image file. Yet the subject of securing containers remains largely undiscussed.

Traditional security methods and technologies can leave gaps in application security initiatives because they aren’t meant for containerized production environments. Therefore, it is critical that organizations consider the most common container security challenges:

  • Lack of isolation. Unlike virtual machines (VMs), where the reach of an attacker is limited to the exposed VM, exposed containers share elements of the host operating system. This means that once a vulnerability in a container is exposed, an attacker can gain access to others.
  • Runtime complexities. Applications in dynamic container environments can make calls to the host to request access to resources on shared storage systems. If attackers compromise a containerized application, they can access sensitive information on shared systems.
  • Vulnerability management. Each layer in a container image is an attack surface that can harbor software vulnerabilities. Discovering where these risks exist can be like finding a needle in a haystack because some container clusters have reached the scale of 10,000 images or more.

Moving boxes outside an open, insecure container with exposed contents

Solutions to your container security challenges

While securing container clusters may seem daunting, security teams can address these challenges with a combination of the right tools, practices, and strategies. For example, organizations with smaller container clusters can conduct manual reviews to determine what works best in their environment. And any organization can benefit from vulnerability management to identify and track all components in its containers.

Our new eBook, 4 Strategies for Securing Container Deployments, outlines some common approaches and technologies for securing containers. With an explanation of how to choose the best container security strategy for your needs, this eBook is an excellent starting point for any organization wanting to develop or improve its approach to container security.

Download the eBook

This post is filed under Security news and research.
 
Julian Alvarado
Posted by

Julian Alvarado

Julian Alvarado

Julian Alvarado is a digital marketing professional with five years of experience developing, editing, and managing online content. Mr. Alvarado is passionate about storytelling and has transferred that passion to content marketing after completing his undergraduate and graduate degree in the biological sciences. While some may find this transition curious, Mr. Alvarado has been able to leverage his analytical mode of thinking and attention to detail to examine trends in customer behavior, creating data-driven content that captures the attention of any given audience.

SEE AUTHOR ARCHIVE

More from Security news and research

Subscribe
Related Tags