How to improve container security

Securing your Docker and container infrastructure will take a combination of policies, explicit tools and careful examination of your apps. Here’s how to do it.

Gartner has named container security one of its top ten concerns for this year, so it might be time to take a closer look at this issue and figure out a solid security implementation plan. While containers have been around for a decade, they are becoming increasingly popular because of their lightweight and reusable code, flexible features and lower development cost. I’ll look at the kinds of tools needed to secure the devops/build environment, tools for the containers themselves, and tools for monitoring/auditing/compliance purposes. Naturally, no single tool will do everything.

Start by following a few basic steps

1. Look at what your cloud provider offers

Your first step is to familiarize yourself with what built-in security comes from your cloud provider. These include tools such as Azure Security Center, Google Kubernetes Engine, Google Cloud Security Command Center and Amazon Inspector. Some, such as Azure Security Center, are general-purpose security tools and not designed for containers.

2. Familiarize yourself with native Docker-related security features

To continue reading this article register now

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!