Tuesday, January 15, 2019
  • OneLogin® Free Plan EOL
  • Luke Kingma’s & Lou Patrick-Mackay’s ‘Futurism: A Lone Voyager’
  • OWASP Top 10 Security Risks – Part V
  • BSides Delaware 2018, Jeff Silver’s ‘Cloud Proxy Technology: The Changing Landscape’
  • Did You Read Our Most Popular 2018 Blog Posts?

Security Boulevard

The home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming
    • On-Demand
  • Chats
    • CISO Conversations
  • Library

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
Analytics & Intelligence DevOps Network Security Security Bloggers Network 

Home » Cybersecurity » Analytics & Intelligence » Clarifying the Misconceptions: Monitoring and Auditing for Container Security

Clarifying the Misconceptions: Monitoring and Auditing for Container Security

by David Bisson on October 11, 2018

An effective container security strategy consists of many parts. Organizations should first secure the build environment using secure code control along with build tools and controllers. Next, they should secure the contents of their containers using container validation, code analysis and security unit tests. Finally, they should develop a plan to protect their containers in production systems by focusing on runtime security, platform security and orchestration manager security.

But container security doesn’t end there. An effective security program consists of two other items, as well. These are monitoring and auditing.

Monitoring

All the container security processes mentioned above employ preventative security controls. These measures address known attack vectors with well-understood responses like vulnerability scans and encryption. But those and other security practices can only go so far, for they are designed to solve known issues. When it comes to detecting unexpected concerns, organizations can turn to monitoring to discover the unexpected stuff, track events in the environment and detect what’s broken.

Most monitoring tools begin by collecting events like requests for hardware resources and IP-based communication. They then examine them relative to the organization’s security policies. Towards this end, it’s best to use a monitoring solution that combines deterministic white and black list policies with dynamic behavior detection. This gives organizations the best of both worlds, allowing them to detect simple policy violations and unexpected variations.

For organizations to evaluate a monitoring tool, they should look to the following criteria:

  • Deployment model: How does the product collect events? Does it use an agent embedded in the host operating system or a privileged container-based monitor?
  • Policy management: How easy is it to build new policies or modify existing ones?
  • Behavioral analysis: What behavioral analysis options are there? How flexible are they?
  • Activity blocking: Does the solution provide (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/devops/clarifying-the-misconceptions-monitoring-and-auditing-for-container-security/

October 11, 2018October 11, 2018 David Bisson auditing, Container Security, DEVOPS, Featured Articles, Monitoring
  • ← XKCD, Internal Monologues
  • 5 Ways Attackers Are Targeting the Healthcare Industry →

Predict 2019 Virtual Summit

Featured Blog

Verodin Blog

Greg Martin’s 2019 Cybersecurity Predictions

Verodin Blog

How Much of Your Security Is Based on Assumptions Instead of Evidence?

Verodin Blog

Instrumenting Cloud Security with Verodin SIP

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy

Most Read on the Boulevard

Huawei: Sanction-Busting and Espionage Threat?
What Does ‘Firewall’ Mean Today?
Is NTA Just Another Kind of IDS?
Security Boulevard Chat: The Evolution of Network Security with FireMon’s Tim Woods
Government Shutdown’s Negative Impact on Federal Cybersecurity
How to secure your cloud file storage with 5 simple tricks
Key Takeaways From SANS Report: Secure DevOps 2018: Fact or Fiction?
How Can Ransomware Files Be Unlocked?
AT&T’s John Donovan, The Great Deceiver
The Top 5 Vendor-Neutral Cloud Security Certifications of 2019

Upcoming Webinars

Mon 28

Next-Generation Cybersecurity

January 28 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

Seeing Red: Understanding Red Team Security

CISO/Security Vendor Relationship Series

CISO/Security Vendor Relationship Podcast

Recent Security Boulevard Chats

  • Cloud, DevSecOps and Network Security, All Together?
  • Security-as-Code with Tim Jefferson, Barracuda Networks
  • ASRTM with Rohit Sethi, Security Compass
  • Deception: Art or Science, Ofer Israeli, Illusive Networks
  • Tips to Secure IoT and Connected Systems w/ DigiCert

Industry Spotlight

Software-Defined Perimeter: Moving Beyond Traditional VPNs
Cybersecurity Data Security Industry Spotlight Network Security Security Boulevard (Original) 

Software-Defined Perimeter: Moving Beyond Traditional VPNs

January 15, 2019 Don Boxley Jr. | Yesterday 0
Is NTA Just Another Kind of IDS?
Analytics & Intelligence Cybersecurity Industry Spotlight Security Boulevard (Original) 

Is NTA Just Another Kind of IDS?

January 14, 2019 Gary Golomb | 1 day ago 0
What Does ‘Firewall’ Mean Today?
Cloud Security Cybersecurity Industry Spotlight Security Boulevard (Original) 

What Does ‘Firewall’ Mean Today?

January 11, 2019 Sonya Koptyev | 4 days ago 0

Top Stories

Sonrai Security Unfurls Service to Track Data in the Cloud
Cloud Security Cybersecurity Featured News Security Boulevard (Original) Spotlight 

Sonrai Security Unfurls Service to Track Data in the Cloud

January 15, 2019 Michael Vizard | Yesterday 0
Ryuk Ransomware That Hit U.S. Newspapers Not State-Sponsored
Endpoint Featured Malware News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

Ryuk Ransomware That Hit U.S. Newspapers Not State-Sponsored

January 15, 2019 Lucian Constantin | Yesterday 0
New Phishing Kit Allows Bypassing Two-Factor Authentication with Ease
Application Security Featured Identity & Access News Security Boulevard (Original) Social Engineering Spotlight Vulnerabilities 

New Phishing Kit Allows Bypassing Two-Factor Authentication with Ease

January 10, 2019 Lucian Constantin | Jan 10 0

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: info@securityboulevard.com

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • Privacy Policy

Other Mediaops Sites

  • Container Journal
  • DevOps.com
  • DevOps Connect
  • DevOps Institute
Copyright © 2019 MediaOps Inc. All rights reserved.
Our website uses cookies. By continuing to browse the website you are agreeing to our use of cookies. For more information on how we use cookies and how you can disable them, please read our Privacy Policy.