Containerized Apps: An 8-Point Security Checklist
Here are eight measures to take to ensure the security of your containerized application environment.
June 14, 2018
Containers allow applications to be abstracted from the underlying infrastructure on which they run. They give developers a way to package applications into smaller chunks that can run on different servers, thereby making them easier to deploy, maintain, and update.
But securing containerized applications requires a somewhat different approach compared with securing traditional application environments. That's because they are a bit harder to scan for security vulnerabilities, the images on which they are built are often unverified, and standardization in the space is still evolving. Importantly, containers also can be spun up and down quickly, making them somewhat ephemeral in nature from a security standpoint.
"Even though container technology may be a new concept to companies deploying them, the idea behind them should be familiar," says Kirsten Newcomer, senior principal product manager, security at Red Hat.
Organizations need to think about security through the application stack both before deploying a container and throughout its life cycle. "While containers inherit many of the security features of Linux, there are some specific issues that need to be considered when it comes to the model," Newcomer says.
Following are eight items that need to be on any organization's security checklist when deploying containers.
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024