Container Security 101: UNDERSTANDING THE BASICS OF SECURING CONTAINERS

By now it’s apparent to cybersecurity teams everywhere that the proverbial container genie is out of the bottle. Developers have widely embraced containers because they make building and deploying so- called cloud native applications simpler than ever. Not only do containers eliminate much of the friction typically associated with moving application code from testing through to production, application code packaged up as containers can also run anywhere. All the dependencies associated with any application are included within the containerized application. That makes a containerized application highly portable across virtual machines or bare metal servers running in a local data center or on a public cloud.

That level of flexibility enables developers to make huge gains in productivity that are too great to ignore. However, as is the case with the rise of any new IT architecture, cloud native applications still need to be secured. Container environments bring with them a range of cybersecurity issues involving images, containers, hosts, runtimes, registries, and orchestration platforms, which all need to be secured.