Security Teams Struggle with Container Security Strategy

  /     /     /  
Publicated : 23/11/2024   Category : security


Security Teams Struggle with Container Security Strategy


Fewer than 30% of firms have more than a basic container security plan in place.



A study out today shows that the security community is still coming to grips with the new realities introduced by containerization to aid DevOps and agile development teams in their mission for faster deployments in the enterprise.
Some experts say the rise of containers offers an opportunity for security teams to embed themselves more thoroughly in the continuous delivery workflow. But according to
The State of Container Security
report from StackRox, about seven in 10 organizations today either dont have a container security strategy or are at the most rudimentary stages of establishing that strategy. Among those with an existing strategy, about 35% say it doesnt invest enough to adequately secure containers, and 25% say it isnt detailed enough. 
Digging into the details of where IT professionals believe the biggest risks lie in the use of containers, misconfigurations led the pack by far, above vulnerabilities and attacks. This is not surprising given high-profile breaches like the Tesla cryptomining attack that was disclosed earlier this year, which was made possible by a poorly configured Kubernetes deployment on AWS.
Interestingly, even though the survey shows that most organizations are not yet running containers in production, securing containers in runtime has IT pros more worried than in build or deployment phases.
The concern for runtime is logical given the heavy emphasis that early container strategies have put on pre-production vulnerability scanning, according to Mark Bouchard, vice president of research for analyst firm CyberEdge, who provided analysis for the report.
Thats where their early investments have been, and now their apps are going into production and they realize, Yes, Ive got to continue to do vulnerability scanning, but the bad guys operate not just against software flaws but on any weaknesses they can find, he says So they recognize they need to do some monitoring of the container environment in runtime to look for that malicious activity.
Ultimately, Bouchard says, containers arent necessarily any different than any other asset enterprises must protect. 
Were not talking about reinventing security, he says, explaining that all the basic principles, such as the rule of least privilege, threat monitoring, and vulnerability scanning, all still apply. However, security professionals need to adjust to a couple of new variables that container environments introduced. First and foremost is the speed at which security teams need to work to protect constantly changing container environments. 
What were doing with microservices, containers, and DevOps is speeding everything up, Bouchard says. So were talking about applying the same security principles on a much faster cycle.
Secondly, he explains that security people need to familiarize themselves better with the architecture and with how containers, nodes, registries, orchestrators, and the like really work.
Unless you understand what it is you are trying to protect, how can you do a good job protecting it? Bouchard says. As he explains, many security practitioners came up from the network security world, and application delivery can sometimes be a challenge to wrap their arms around, but it is crucial.
Were shifting the issue now onto the workload, and thats true for application security in general and most definitely for this world of microservices and containers, Bouchard adds.
Related Content:
Side-Channel Attack Exposes User Accounts on Facebook, XBox, Other Social Sites
8 Big Processor Vulnerabilities in 2018
Hackers Use Public Cloud Features to Breach, Persist In Business Networks
New Spectre Variants Add to Vulnerability Worries
 
Black Hat Europe returns to London Dec 3-6 2018  with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the
conference
 and
to register.

Last News

▸ Travel agency fined £150,000 for breaking Data Protection Act. ◂
Discovered: 23/12/2024
Category: security

▸ 7 arrested, 3 more charged in StubHub cyber fraud ring. ◂
Discovered: 23/12/2024
Category: security

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Security Teams Struggle with Container Security Strategy