Here are eight measures to take to ensure the security of your containerized application environment.
June 14, 2018
Containers allow applications to be abstracted from the underlying infrastructure on which they run. They give developers a way to package applications into smaller chunks that can run on different servers, thereby making them easier to deploy, maintain, and update.
But securing containerized applications requires a somewhat different approach compared with securing traditional application environments. That's because they are a bit harder to scan for security vulnerabilities, the images on which they are built are often unverified, and standardization in the space is still evolving. Importantly, containers also can be spun up and down quickly, making them somewhat ephemeral in nature from a security standpoint.
"Even though container technology may be a new concept to companies deploying them, the idea behind them should be familiar," says Kirsten Newcomer, senior principal product manager, security at Red Hat.
Organizations need to think about security through the application stack both before deploying a container and throughout its life cycle. "While containers inherit many of the security features of Linux, there are some specific issues that need to be considered when it comes to the model," Newcomer says.
Following are eight items that need to be on any organization's security checklist when deploying containers.
About the Author(s)
You May Also Like
Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024