Container security: How to get the most out of best practices
Containers are complex virtual entities that provide proven benefits to the business but also require strong security guidelines. Learn how to get the most out of container security best practices.
Containers, best defined as an operating system virtualization instance that can run applications, microservices and processes, are a staple in the technology industry. Containers’ flexibility and ease of deployment can help achieve faster deliverables and more robust environments.
SEE: Kubernetes: A cheat sheet (free PDF) (TechRepublic)
“Containers have taken us further along the road of abstraction where developers have to think less about their infrastructure. Virtual machines abstracted away hardware resources—containers took that further by hiding the complexities of the operating system,” said Ganesh Pai, CEO, Uptycs, a SQL-powered security analytics platform. “Containers provide robust application image management, runtime isolation, efficient scaling, resource pooling and they have become an integral part of modern microservices architecture.”
Chris Ford, VP of product at cloud security and compliance provider Threat Stack, noted how fast they’ve become standard fare. “Containers have quickly moved from an emerging technology to an integral part of many organizations’ cloud strategies. Gartner predicts that by 2022, 75% of organizations will be running containerized applications in production, up from less than 30% today. Why run applications in containers? Efficiency and development velocity are the objectives. Containers help organizations increase the pace of innovation, even as they optimize resource utilization.”
As with everything in technology, however, there are security concerns. SCMagazine.com recently reported that 50% of misconfigured containers are hit by botnets in under an hour, and SecurityWeek revealed that attacks against container infrastructures are increasing, including supply chain attacks.