Channel: CodeSection,代码区,网络安全 - CodeSec
Viewing all articles
Browse latest Browse all 12749

Docker Security Tools, Tips, & Best Practices


Docker is a software platform that makes it easier to create, deploy, and run applications. Recently there has been a major surge in the adoption of this technology ― and while it offers significant benefits, it also presents security challenges. Some of the advantages center on the fact that your applications are loaded into a private namespace and the required dependencies are codified, and when using Docker, developers can package all the parts needed to run an application stack and ship it out as one unit. But if container ecosystems aren’t properly designed, deployed, and managed, they can create problems that offset or undermine the benefits.

To put you on the path to effective and secure usage, this post identifies common security issues and outlines best practices for reducing risk and increasing operational efficiency in containerized environments. (If you want additional resources to help you brush up on your Docker skills, take a look at our list of 50 useful Docker Tutorials for IT professionals .)

The strengths of containerization come hand in hand with critical challenges for developers and operational teams. Given the more complex architecture and multiple services that need to be tackled when Docker is being deployed, the areas of concern can be better understood if they are broadly classified as follows:

Monitoring and Visibility: Docker developers use a variety of command line tools to manage their applications and hand over containers to operations with minimal monitoring integrated into them. Configuration and Control: Challenges around the support system with Docker include resource pooling, access policies, load balancing, and application lifecycle management. Integration and Security: Integration problems can exist, centering on the need to create a cloud dev/test environment and an on-site dev/test environment.

On the security front, developers are faced with different types of security attacks such as:

Kernel exploits: Since the host’s kernel is shared in the container, a compromised container can attack the entire host. Container breakouts: Caused when the user is able to escape the container namespace and interact with other processes on the host. Denial-of-service attacks: Occur when some containers take up enough resources to hamper the functioning of other applications. Poisoned images: Caused when an untrusted image is being run and a hacker is able to access application data and, potentially, the host itself.

Recently, we talked to ZDNet about how Docker containers are now being exploited to covertly mine for cryptocurrency, marking a shift from ransomware to cryptocurrency malware. As with all things security, Docker security is a moving target ― so you need the right tools to secure your containerized environments.

Docker Security Tools

To overcome the major security concerns and perform runtime security, compliance, network security, audit, forensics, and image scanning, here are some security tools ― in addition to the Threat Stack Cloud Security Platform ― that can be incorporated with Docker. ( Note: The following list is not meant as an endorsement for any of the products named.)

Anchore Navigator Aporeto AquaSec BlackDuck Docker Security Calico Capsule 8 Cavirin Cilium CoreOS Clair Dockscan Falco Layered Insight NeuVector Notary OpenSCAP REMnux SElinux StackRox Sysdig Secure Docker Security Tips

Below, we’ll discuss a few important tips you should keep in mind when implementing security with Docker:

1. Use a Third-Party Security Tool

Docker allows you to use containers from untrusted public repositories, which increases the need to scrutinize whether the container was created securely and whether it is free of any corrupt or malicious files. For this, use a multi-purpose security tool that gives extensive dev-to-production security controls.

2. Manage Vulnerability

It is best to have a sound vulnerability management program that has multiple checks throughout the container lifecycle. Vulnerability management should incorporate quality gates to detect access issues and weaknesses for a potential exploit from dev-to-production environments.

3. Monitor and Audit Container Activity It is vital to monitor the container ecosystem and detect suspicious activity. Contai

Viewing all articles
Browse latest Browse all 12749

Latest Images

Trending Articles

Latest Images