Are Containers insecure?
Not at all. Features like process isolation with user namespaces, resource encapsulation with groups, immutable images, and shipping the minimal software and dependencies reduce the attack vector providing a great deal of protection.
Container security tools are becoming hot topics in the modern IT world as the early adoption fever is transforming into a mature ecosystem.
Security is an unavoidable subject to address when we plan to change how we architect our infrastructure.
This Refcard will lay out the basics of the container security challenge, give you hands-on experience with basic security options, and also spell out some more advanced workflows.
We’ll split container security into three sections covering what to do at each step of your container security lifecycle.
• CI/CD and pre-deployment security
• Run-time security
• Incident response and forensics