Defining “next-level” container security

This post was originally published here by casey pechan.

The rise of containers (especially Docker) has been meteoric. Just a few years ago organizations were only beginning to dip their toes into containerization practices, and now containers are being rapidly adopted and deployed, with some organizations exclusively using containers for certain projects.

And now thanks to CloudPassage Container Secure, protecting your containers can be done through the same platform that secures the hosts they run on, along with any additional workloads you may invest in. This is what we call next-level container security and this is what you will learn about in Light Reading’s latest CloudPassage video.

In the video, Light Reading editor in chief, Craig Matsumoto, sits down at the CloudPassage Santa Clara office to learn about the five critical tips to securing containers which include:

  • Securing the underlying host – containers are only as secure as the hosts they run on
  • Making sure any content you’re building and deploying in your container pipeline is secure (this includes container images) not just the container itself
  • Because containers are deployed in an automated fashion, you have to make sure you’re working in a compliance framework –  as in, thou shalt not deploy containers in  privileged mode
  • Ensuring security architects and practitioners have crisp visibility across all factors including hosts, containers, container images, and the container pipeline
  • Making sure all aspects of your security tools are integrated with the DevOps toolchain – security must be baked into the DevOps process

No posts to display