Linux Containers have existed since the mid 2000s but containers didn’t experience a surge in popularity until Docker burst onto the scene in 2013. And all it took was about year (according to the 2017 Docker Adoption survey by Datadog) for containers be widely adopted by microservices and cloud-native app builders.
Fast forward to 2018, and you will notice that most enterprise organizations are in various stages of Docker adoption ranging from those who are testing the waters with pilot projects, all the way to advanced users whose apps have been transformed to containerized and microservices applications.
As with the introduction of any new technology, security issues are sure to surface. That’s why we’ve created this list of the top five tips you should know if you’re using Docker containers, especially if you’re just beginning your container journey!
Take a look, arm yourself, and start reaping the benefits of faster app deployments that are truly secure. There’s no time like the present to protect your organization!
- Integrate security and compliance into the DevOps pipeline – Fixing security issues in containers after deployment is exponentially more expensive than at build time. We strongly recommend integrating your container image scanning solution into the CI tools used by developers such as Jenkins and Atlassian Bamboo. This will help you identify issues in container images such as vulnerable packages and embedded secrets during the build process. Once identified, you can choose to automatically fail the builds that don’t meet your security policy.
- Monitor and scan container images – Security starts with visibility. DevOps teams use image registries such as Docker Private Registry, Amazon ECR, and jFrog Artifactory to distribute container images. It’s important to monitor the images hosted by one or more image registries. This will help you gain visibility into container images used across your organization, security issues in images, and the mapping of images to run containers in your environments.
- Monitor containers – Visibility into containers is as critical. Identifying containers that are based on an unsafe image, or come from unknown sources, will ensure you’re not running vulnerable or misconfigured containers. In addition, it’s important to get visibility into containers that are running in privileged mode, or those that aren’t running in read-only mode.
- Secure hosts running containers – We can’t stress this enough: containers are only as secure as the hosts they run on. Host operating systems and installed software packages (including Docker daemon) can have vulnerabilities or can be misconfigured, leading to security gaps which can then impact all containers running on the host.
- Audit all activities – Be sure to audit the container through the entire DevOps pipeline by monitoring Docker events and integrating them with SIEM tools such as SumoLogic, Splunk and ElasticSearch. By implementing the above, you should also be able able to generate detailed vulnerability reports and configuration assessment reports to meet compliance requirements.