Regular readers of The State of Security should now have a general understanding of why organizations need security for their containers. But they still might be a bit fuzzy on the specifics. In particular, they might still be unclear on the types of threats they need to address as well as the container areas that are most at risk.
This knowledge is crucial. Without it, enterprises are more prone to invest in piecemeal solutions than to research security controls that bolster their container security across all environments. They’re also less likely to spot the nuances separating well-known threats from new exploits.
That being said, here are four areas on which organizations should focus the bulk of their container security efforts.
The build environment is the first area that needs protection because it’s typically the least secure. Attackers can exploit this fact to deploy malicious code. They can also make malicious alterations to automated build controllers and abuse error-laden configuration scripts to expose credentials. Organizations also want to if there are any vulnerabilities in the runtime code as well as if they can audit for potential concerns and catch any errors.
Operations folks oftentimes lack knowledge into what a specific container does and if it’s the correct version. They might also not know if developers included tools in the container to alter its contents as well as how they can map access rights to OS and host resources. This latter difficulty can open up the stack to attack. At the same time, security personnel might not know what hardening has been performed, information they need in order to protect containers.
Organizations are commonly worried about the security of the underlying operating systems. Most commonly, their top concern is whether everything’s configured correctly in order to (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/devops/understanding-the-primary-threats-and-security-concerns-to-container-environments/