<img src="https://secure.leadforensics.com/99430.png" alt="" style="display:none;">

Blog

Container Security - The Benefits and Challenges

07 Feb 2019

Blog

Cloud, cognitive capabilities, and containers are 3 critical technologies that will drive Digital Transformation. according to IDG. In a recent #IDGTechTalk our Ethical Hacker, Callum Butler, joined other experts to discuss containers. How are they being used? What are the benefits? And what are some of the challenges associated with them?

Here’s a summary of our own expert ‘s responses @Callum_Butler ) as well as other experts taking part in the chat. (@georgegerchow, @benrothke, @mthiele10, @mdkail and many more)

callum butlerWhat is a software container and how are they being leveraged?

@Callum_Butler

Software containers allow us to create, deploy and run applications in containers. This allows us to spin-up (or down) applications in seconds, as well as full monitoring around the instance.

Docker is a prime example. This allows security teams to deploy and run “honeypots” (ie network-attached systems set up as a decoy to lure cyberattackers) or other security tools. This makes it possible to identify and analyse information in seconds.

Is your organisation deploying containers into production? If so, what container technology is being used?

Yes, we use containers in our network at CANCOM (OCSL (A CANCOM Company)) as well as for our customers. Docker and Kubernetes are a couple of examples.

secruity-contiainers2What security challenges does container technology pose? What security benefits can containers provide?@Callum_Butler A key security issue teams need to consider when using containers is the amount of isolation. For example, if an attacker were to compromise a container it could potentially allow them access to other containers on the same host.A key benefit of containers is the attack surface is a lot smaller. Multiple apps are run on one server, as opposed to multiple servers.

security-containers3

Have you seen vulnerabilities in containers that could expose critical data? They are out there, is it part of your security risk plan?

@Callum_Butler

Not so much within the technology itself, (though they are out there.) But ensuring the host running the technology, such as Docker, is up-to-date and free from vulnerabilities is key.

One RCE (Remote Code) exploit against the host will cause a huge amount of upset.

Its not uncommon for poisoned images, to be out in wild. (In other words, image files that have been tampered with prior to being downloaded.)

If used this could cause massive issues not only for the host, but for the data that may be present. Containers on physical hosts also have issues, for example, a kernel exploit could cause the host to go offline.

security-containers4

Finally, what is your organisation doing to secure your container deployment?

@Callum_Butler

We isolate the hosts running container technology into their own network and using monitoring and logging tools. We also enable extra layers of security such as AppArmor.

security-containers5

Related article, from Container Journal: “Container Security requires a Holistic View

And don’t forget to check out more of the rest of this conversation on Container Security, as well as a huge range of other tech topics, on #IDGTechTalk.

Callum Butler

About the author

Callum Butler

Cyber Security Anaylst

More about the author

Comments

BLOG CATEGORIES

Get in touch

0845 605 2100
info@cancom.co.uk

For more contact information and for our address click the link below.

Contact us

Stay informed

Stay updated and subscribe to our regular communications.