As one of the most disruptive technologies in recent years, container-based applications are rapidly gaining traction as a platform on which to launch applications. But as with any new technology, the security of containers in all stages of the software lifecycle must be our highest priority. This post seeks to identify some of the inherent security challenges you’ll encounter with a container environment, and suggests base elements for a security plan to mitigate those vulnerabilities.
Benefits of a Container Environment and the Vulnerabilities They Expose
Before we investigate what aspects of your container infrastructure will need to be covered by your security plan, it would be wise to identify what potential security problems running applications in such an environment will present. The easiest way to do this is to contrast a typical virtual machine (VM) environment with that in use for a typical container-based architecture. Read more
If you’re anything like me, you’ve been watching the increasing growth of container-based solutions with considerable interest, and you’ve probably been experimenting with a couple of ideas. At some point in the future, perhaps you’d like to take those experiments and actually put them out there for people to use. Why wait? It’s a new year, and there is no time like the present to take some action on that goal.
Experimenting is great, and you learn a great deal, but often in the midst of trying out new things, hacking different technologies together and making it all work, things get introduced into our code which probably shouldn’t be put into a production environment. Sometimes, having a checklist to follow when we’re excited and nervous about deploying new applications out into the wild can help ensure that we don’t do things we shouldn’t. Consider this article as the start of a checklist to ready your Docker applications for prime time. Read more