Six big misconceptions about container security. Many businesses still hold that traditional virtualization is safer than container technology. John Morello, formerly chief information security officer at Albemarle, a Global 500 company, and currently CTO at Twistlock, said he wrote this article to expose several misconceptions about container security and to draw readers' attention to the problems businesses really should be worrying about.
Misconception 1: Containers can be jailbroken (container escapes)
Container escapes sound frightening, but in reality they seldom happen. Most attacks target the application itself; if the application has already been compromised, why would the attacker need to escape the container? What businesses actually need to worry about is knowing exactly when an attack was launched and whether the system has been compromised.
Misconception 2: Containers can only be used in production once the multi-tenancy problem is solved
No company is really plagued by multi-tenancy issues. In fact, as soon as the application is split into multiple microservices and deployed in virtual machines, the problem is resolved.
Misconception 3: A firewall is enough to protect container applications
Container applications can move between hosts within seconds, and when the payload is encrypted the firewall can do nothing with it. Container security ultimately depends on understanding the application and on the developers' security awareness.
Misconception 4: Endpoint security is an effective way to protect microservices
Endpoint security is well suited to protecting laptops, PCs and mobile devices, but it was never designed to protect microservices; against attacks on microservices it is useless. Endpoint security tools cannot see into the Docker runtime or container orchestration.
Misconception 5: Using the FROM directive in a Dockerfile with the latest tag gets you the latest version
Vulnerability management is not as easy as it might seem. Upstream images are not always updated as the project progresses. Even if you use the latest base image layer, the image may contain hundreds of components that are not tracked by the base layer's package manager. Because the environment changes so frequently, traditional patch management is basically ineffective.
To solve this problem you can:
1) find vulnerabilities during the Continuous Integration (CI) process
2) use quality gates from the outset to prevent unsafe or incompatible images from being deployed
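The two steps above, as an added example that is not part of the original article: a CI job that first flags Dockerfile FROM lines whose base image floats (no tag, the latest tag, or a tag with no content digest), then applies a quality gate to a vulnerability scanner report. The Dockerfile, the report format and the VULN-PLACEHOLDER identifiers are all constructed for this example; no real scanner emits this exact JSON shape.

```python
"""Added example (not from the original article): two CI checks for container
images.  The sample Dockerfile and the scanner report below are constructed;
the report shape is a simplification, not any real tool's output format."""
import json
import re

# Constructed sample Dockerfile, as a CI job would read it from the repository.
SAMPLE_DOCKERFILE = """\
FROM python:latest
FROM nginx
FROM debian:bookworm-20240211-slim
FROM alpine:3.19@sha256:0000000000000000000000000000000000000000000000000000000000000000
COPY . /app
"""

# Matches "FROM [--platform=...] <image> [AS <stage>]".
FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)(?:\s+AS\s+\S+)?\s*$", re.IGNORECASE)


def check_base_images(dockerfile_text):
    """Return one finding per FROM line that is not pinned to a content digest.
    A floating reference means the build gets whatever the registry serves at
    build time: 'latest' today is not 'latest' tomorrow, and the image is not
    reproducible.  'blocking' marks the cases the gate should refuse outright."""
    findings = []
    for lineno, line in enumerate(dockerfile_text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        ref = m.group(1)
        if "@sha256:" in ref:
            continue  # pinned by digest: the contents cannot silently change
        # The tag separator is a ':' after the last '/'; "registry:5000/nginx" has no tag.
        _name, sep, tag = ref.rpartition(":")
        if not sep or "/" in tag:
            findings.append({"line": lineno, "image": ref, "issue": "no tag (implicitly latest)", "blocking": True})
        elif tag == "latest":
            findings.append({"line": lineno, "image": ref, "issue": "floating 'latest' tag", "blocking": True})
        else:
            findings.append({"line": lineno, "image": ref, "issue": "tag without digest", "blocking": False})
    return findings


# Constructed scanner report; the vulnerability ids are placeholders, not real identifiers.
SAMPLE_SCAN_REPORT = json.dumps({
    "image": "registry.example/app:1.4.2",
    "vulnerabilities": [
        {"id": "VULN-PLACEHOLDER-1", "package": "openssl", "severity": "critical", "fixed_in": "3.0.13"},
        {"id": "VULN-PLACEHOLDER-2", "package": "zlib", "severity": "high", "fixed_in": None},
        {"id": "VULN-PLACEHOLDER-3", "package": "bash", "severity": "low", "fixed_in": "5.2.21"},
    ],
})

SEVERITY_RANK = {"low": 1, "medium": 2, "high": 3, "critical": 4}


def quality_gate(report_json, max_severity="medium", block_unfixable=False):
    """Decide whether an image may be promoted.  Returns (passed, blocker_ids).
    Vulnerabilities above max_severity block promotion.  Ones with no fix
    available block only when block_unfixable is set, so the team still sees
    them without the gate turning into a permanent red light."""
    report = json.loads(report_json)
    threshold = SEVERITY_RANK[max_severity]
    blockers = []
    for vuln in report["vulnerabilities"]:
        if SEVERITY_RANK.get(vuln["severity"].lower(), 0) <= threshold:
            continue
        if vuln.get("fixed_in") is None and not block_unfixable:
            continue
        blockers.append(vuln["id"])
    return (not blockers, blockers)


if __name__ == "__main__":
    for f in check_base_images(SAMPLE_DOCKERFILE):
        print("Dockerfile line %d: %s (%s)%s" % (f["line"], f["image"], f["issue"],
                                                  " BLOCK" if f["blocking"] else ""))
    passed, blockers = quality_gate(SAMPLE_SCAN_REPORT)
    print("gate passed:", passed, "blockers:", blockers)
```

Run as a CI step, a non-empty blocking finding or a failed gate is the point where the pipeline should stop; the threshold and the treatment of unfixable findings are policy choices the team makes once, not per build.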
Misconception 6: Malicious behavior inside a container cannot be analyzed
Container behavior can be monitored, for several reasons:
1) Containers are declarative: the container manifest describes in detail what the container will do and can be translated into a security profile.
2) Containers are predictable: developers usually combine a few well-known software components into one container microservice. Container deployments follow far more regular patterns than virtual machine deployments.
3) Containers are immutable: a container changes only when the program is updated, so once a container is seen behaving differently, either the configuration has changed or it has been attacked.
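The three properties above, as an added example that is not part of the original article: a baseline is derived from a container's declarative manifest (point 1), and runtime events are compared against it so that any departure, including a write into image content that an immutable container should never make (point 3), surfaces as drift. The manifest schema, the event format and the convention that environment variables ending in _HOST name the peers a service talks to are all constructed for this example, not any orchestrator's or sensor's real format.

```python
"""Added example (not from the original article): turn a declarative container
manifest into a behavioral baseline and flag runtime events that depart from it.
Manifest and event shapes are constructed for this example."""

# Constructed manifest for one microservice: what the container declares it will do.
SAMPLE_MANIFEST = {
    "name": "api",
    "image": "registry.example/api@sha256:<placeholder-digest>",
    "entrypoint": ["/usr/bin/python3", "/app/server.py"],
    "ports": [8080],
    "env": {"DB_HOST": "db", "LOG_LEVEL": "info"},
}

# Constructed runtime events, in the shape a runtime sensor might report them.
SAMPLE_EVENTS = [
    {"type": "exec", "path": "/usr/bin/python3"},      # the declared entrypoint
    {"type": "listen", "port": 8080},                  # the declared port
    {"type": "connect", "host": "db", "port": 5432},   # the declared database peer
    {"type": "write", "path": "/tmp/cache.db"},        # scratch space, fine
    {"type": "exec", "path": "/bin/sh"},               # shell the manifest never declared
    {"type": "listen", "port": 4444},                  # listener the manifest never declared
    {"type": "write", "path": "/usr/bin/curl"},        # image content changing at runtime
]

# Paths that belong to the image; an immutable container has no reason to write here.
IMMUTABLE_PREFIXES = ("/usr/", "/bin/", "/sbin/", "/lib/", "/app/")


def baseline_from_manifest(manifest):
    """Translate the declarative manifest into a security profile (point 1).
    Anything not derivable from the manifest is, by construction, unexpected."""
    return {
        "exec": {manifest["entrypoint"][0]},
        "listen": set(manifest["ports"]),
        # Example convention (an assumption of this example, not a standard):
        # environment variables named *_HOST declare the service's outbound peers.
        "connect": {v for k, v in manifest["env"].items() if k.endswith("_HOST")},
    }


def detect_drift(manifest, events):
    """Compare observed events with the baseline.  Returns (event, reason) pairs;
    an empty list means the container is behaving exactly as declared.  Any
    finding is either a configuration change nobody recorded or an attack
    (point 3), and both deserve a human look."""
    profile = baseline_from_manifest(manifest)
    findings = []
    for ev in events:
        kind = ev["type"]
        if kind == "exec" and ev["path"] not in profile["exec"]:
            findings.append((ev, "process not in declared entrypoint"))
        elif kind == "listen" and ev["port"] not in profile["listen"]:
            findings.append((ev, "listening port not declared in manifest"))
        elif kind == "connect" and ev["host"] not in profile["connect"]:
            findings.append((ev, "outbound peer not declared in manifest"))
        elif kind == "write" and ev["path"].startswith(IMMUTABLE_PREFIXES):
            findings.append((ev, "write to image content of an immutable container"))
    return findings


if __name__ == "__main__":
    for event, reason in detect_drift(SAMPLE_MANIFEST, SAMPLE_EVENTS):
        print("drift:", reason, event)
```

Because the profile is generated from the manifest rather than written by hand, it is regenerated whenever the manifest changes, which is exactly the moment (point 3) at which legitimately different behavior is expected; between those moments the allowlist stays fixed and small, which is what makes point 2's predictability usable for detection.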