{"id":1904,"date":"2019-08-23T04:04:40","date_gmt":"2019-08-23T04:04:40","guid":{"rendered":"http:\/\/kusuaks7\/?p=1509"},"modified":"2024-04-25T16:12:12","modified_gmt":"2024-04-25T16:12:12","slug":"three-strategies-for-securing-containerized-applications-in-the-cloud","status":"publish","type":"post","link":"https:\/\/www.experfy.com\/blog\/bigdata-cloud\/three-strategies-for-securing-containerized-applications-in-the-cloud\/","title":{"rendered":"Three Strategies for Securing Containerized Applications in the Cloud"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1904\" class=\"elementor elementor-1904\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-16c8db64 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"16c8db64\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1da0cfbe\" data-id=\"1da0cfbe\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-1d8ab3ff elementor-widget elementor-widget-text-editor\" data-id=\"1d8ab3ff\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/searchitoperations.techtarget.com\/definition\/container-containerization-or-container-based-virtualization\" rel=\"noopener\">Containers<\/a>\u00a0are growing in importance across more public-sector and commercial enterprises as they embark on cloud-native development projects. Security news about containers has been mixed so far, with developers and vendors looking for ways to improve\u00a0<a href=\"https:\/\/www.csoonline.com\/article\/3388025\/how-to-improve-container-security.html\" data-cms-ai=\"0\" rel=\"noopener\">container security<\/a>.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"has_eae_slider elementor-section elementor-top-section elementor-element elementor-element-89a78f7 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"89a78f7\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"has_eae_slider elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ccdcb9c\" data-id=\"ccdcb9c\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-837c5b3 elementor-widget elementor-widget-text-editor\" data-id=\"837c5b3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tHere are three strategies for securing your containerized applications.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-09797b9 elementor-widget elementor-widget-heading\" data-id=\"09797b9\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\"><h2>1. Prepare Your Containers for Production<\/h2><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-af39d17 elementor-widget elementor-widget-text-editor\" data-id=\"af39d17\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tOne strategy to start with is to set up a framework for\u00a0<a href=\"https:\/\/neuvector.com\/container-security\/15-tips-run-time-container-security-strategy\/\" data-cms-ai=\"0\" rel=\"noopener\">preparing your containers for production<\/a>.\u00a0<em>Container Journal<\/em>\u00a0points to container images as one of the\u00a0<a href=\"https:\/\/containerjournal.com\/2019\/03\/22\/the-4-most-vulnerable-areas-of-container-security-in-2019\/\" data-cms-ai=\"0\" rel=\"noopener\">four most vulnerable areas<\/a>\u00a0for container security in 2019, testifying to the vital nature of preproduction work on your containers.\u00a0<a href=\"https:\/\/neuvector.com\/container-security\/15-tips-run-time-container-security-strategy\/\" data-cms-ai=\"0\" rel=\"noopener\">According to NeuVector<\/a>, common sense steps for preparing containers include\n<ul>\n \t<li>Hardening the container operating system by trimming all unnecessary modules and files plus keeping up with the latest security patches;<\/li>\n \t<li>Securing the container platform by using vendor best practices such as the Docker best practice guide;<\/li>\n \t<li>Preventing unauthorized access to your containers by using SE Linux or App Armor;<\/li>\n \t<li>Customizing and specifying your container security profiles;<\/li>\n \t<li>Scanning all your container registries for vulnerabilities regularly; and<\/li>\n \t<li>Digitally signing all your container images.<\/li>\n<\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5bb9b7d elementor-widget elementor-widget-text-editor\" data-id=\"5bb9b7d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tIf containers are new to your operations team, then it\u2019s time to document standard operating procedures detailing the preproduction steps teams must take to release containers into production. You should also appoint an owner of this preproduction phase and be prepared to cross-train other team members in the preproduction steps.\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3ea5a5f elementor-widget elementor-widget-text-editor\" data-id=\"3ea5a5f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tThese and other preproduction practices relate better to a DevOps or DevSecOps environment, where you can set up gates to ensure that your teams prepare your containers for production that meet your enterprise security requirements.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d6aca42 elementor-widget elementor-widget-heading\" data-id=\"d6aca42\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\"><h2>2. Review Container Security During Your Entire Life Cycle<\/h2><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-30b1c21 elementor-widget elementor-widget-text-editor\" data-id=\"30b1c21\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tA move to agile techniques such as DevOps or DevSecOps makes it easy for your development teams to\u00a0<a href=\"https:\/\/searchsecurity.techtarget.com\/tip\/Container-security-best-practices-help-mitigate-risks-and-threats\" data-cms-ai=\"0\" rel=\"noopener\">review container security<\/a>\u00a0at each phase of your software development life cycle. Just as my previous tip shows the critical work that needs to be done to prepare your containers for production, it\u2019s essential to include container security reviews at each stage of your DevOps\/DevSecOps life cycle. Granted, you should explore test automation whenever possible and where it makes sense in your continuous integration\/continuous development workflow, but container security still requires human attention.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-17f567e elementor-widget elementor-widget-heading\" data-id=\"17f567e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\"><h2>3. Apply Tools and Technology to Secure All the Container Layers<\/h2><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fae473b elementor-widget elementor-widget-text-editor\" data-id=\"fae473b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tContainers add new levels of complexity to cloud application security. It\u2019s not something you\u2019re going to want your cloud and security teams securing without\u00a0<a href=\"https:\/\/containerjournal.com\/2019\/03\/29\/the-state-of-container-security\/\" data-cms-ai=\"0\" rel=\"noopener\">using a vendor tool<\/a>\u00a0to lock down your containers. These orchestration and security tools are a hot market right now, with open source and commercial vendors duking it out for market superiority.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-ef5a0bf elementor-widget elementor-widget-text-editor\" data-id=\"ef5a0bf\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/containerjournal.com\/2019\/04\/12\/kubernetes-changing-the-game-for-enterprise-containerization\/\" data-cms-ai=\"0\" rel=\"noopener\">One example<\/a>\u00a0of a tool used for container security is\u00a0<a href=\"http:\/\/www.kubernetes.io\/\" data-cms-ai=\"0\" rel=\"noopener\">Kubernetes<\/a>, an open source solution for automating the deployment, scaling, and management of containerized applications. A vibrant technology community is growing around this solution, with companies such as Google, VMware, and Nutanix using it as the foundation of their container orchestration and management solutions. Other companies such as\u00a0<a href=\"https:\/\/www.twistlock.com\/\" data-cms-ai=\"0\" rel=\"noopener\">Twistlock<\/a>\u00a0and\u00a0<a href=\"https:\/\/containerjournal.com\/2019\/04\/15\/trend-micro-advances-devsecops-via-kubernetes-integration\/\" data-cms-ai=\"0\" rel=\"noopener\">Trend Micro<\/a>\u00a0are focusing their container security at the DevSecOps life cycle.\n\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c9dfe59 elementor-widget elementor-widget-text-editor\" data-id=\"c9dfe59\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tContainer security tools are a hotly competitive and evolving market right now, so you owe it to yourself and your security posture to do your due diligence and conduct pilots and proofs of concept while on your road to deciding on a container security solution for your organization.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-563a4b6 elementor-widget elementor-widget-heading\" data-id=\"563a4b6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\"><h2>Container Security and Your Enterprise<\/h2><\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-77945dd elementor-widget elementor-widget-text-editor\" data-id=\"77945dd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\tAs these tips show, it\u2019s important not to let yourself get caught up in the market hype about containers and the advantages they offer your application delivery teams. Keep a strong security focus starting at preproduction and moving forward. You\u2019ll get an edge on container security if you apply technology, tools, frameworks, and\u2014above all\u2014preparation to your containers in and out of production.\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>It is important not to let yourself get caught up in the market hype about containers and the advantages they offer your application delivery teams. Keep a strong security focus starting at preproduction and moving forward. You&rsquo;ll get an edge on container security if you apply technology, tools, frameworks, and&mdash;above all&mdash;preparation to your containers in and out of production. Security news about containers has been mixed so far. Here are three strategies for securing your containerized applications.<\/p>\n","protected":false},"author":582,"featured_media":3716,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[187],"tags":[94],"ppma_author":[3272],"class_list":["post-1904","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-bigdata-cloud","tag-data-science"],"authors":[{"term_id":3272,"user_id":582,"is_guest":0,"slug":"will-kelly","display_name":"Will Kelly","avatar_url":"https:\/\/secure.gravatar.com\/avatar\/?s=96&d=mm&r=g","user_url":"","last_name":"Kelly","first_name":"Will","job_title":"","description":"Will Kelly is Senior Technical Writer at CSRA Inc, a provider of high-tech IT solutions to the government IT market. He has published bylined articles on a range of topics including DevOps, enterprise mobility, and cloud computing, and other technologies on sites such as SearchITOperations, DevOpsAgenda, Mobile Business Insights, CNET TechRepublic, and others."}],"_links":{"self":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1904","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/users\/582"}],"replies":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/comments?post=1904"}],"version-history":[{"count":5,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1904\/revisions"}],"predecessor-version":[{"id":36763,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/posts\/1904\/revisions\/36763"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media\/3716"}],"wp:attachment":[{"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/media?parent=1904"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/categories?post=1904"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/tags?post=1904"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.experfy.com\/blog\/wp-json\/wp\/v2\/ppma_author?post=1904"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}