Container Security Part 2 – Benchmarks to the Rescue
Containers are like BYOD (Bring Your Own Device). They are infiltrating our ranks, and InfoSec professionals’ gut reaction is to hesitate in including them in their environments. But instead of dismissing containers out of hand, I thought it would be wiser to study them not only to be prepared for the inevitable but also to understand their usefulness and most importantly the security aspects of incorporating them into our organization. That initial exploration was covered in Part 1 of this series on container security, “Quick Dive into Containers, Kubernetes and Security”.
That quick dive showed that containers are an extremely useful tool and securing them wasn’t too dissimilar to what most are doing already. But I had never implemented them myself and have no one hear in my organization to lean on. So I went to the tried and true method of following existing, published best practices like the ones at the Centre for Internet Security (CIS). Part 2 of this series reminds us that we’re not alone. In most cases, some really smart people have already done the heavy lifting and were kind enough to share. Although free and at our fingertips, the right information can be a little tricky to find. This tutorial will attempt to accomplish 2 goals. First is to help save you time and frustration by avoiding the pitfalls I faced in getting the information, and second is to take a detailed look into the benchmarks themselves.
Quick Links ToC: Center for Internet Security | Seek and Ye Shall Find | Benchmarks – Not the End All, Be All | Summary
Center for Internet Security
Image 1
Overview of CIS
The Center for Internet Security (CIS) is a non-profit entity that provides a vast number of resources for Cybersecurity Best Practice, Tools, Threat (Read more...)
*** This is a Security Bloggers Network syndicated blog from The Ethical Hacker Network authored by Haydn Johnson. Read the original post at: http://feedproxy.google.com/~r/eh-net/~3/ThHnETDWuFs/
