Forget magical thinking. Use DevSecOps teams to bake in security and follow strict access policies.
The biggest cloud security threat to containerized applications is security teams believing that simply issuing decrees to over-stressed developers (who rarely understand the intent or logic of those policies) will be effective. This approach hasn’t worked for bare-metal servers or virtual machines, and it is magical thinking to believe this approach will work for containers. Compounding the issue is that many security team members have never been active participants on agile development teams, so the cultural and experiential gap is wide. Application teams will pay lip service to these decrees, and a few items of the low-hanging fruit variety will be resolved, but usually the edicts will be acknowledged but largely unheeded.
As a general rule for any piece of IT infrastructure, the default security configurations simply aren’t enough. While I’m certain that the people who designed these defaults did so as a starting point, many engineers view them as the end game. Internet-to-cloud network, service and instance integration into cloud network, host OS-to-container integration, software components, and their credentials in the container layers are all part of the security equation – and no one singular vendor or project controls them all. Yet they must be made to be rational, understandable and secure at every step, and continually refined as the computing landscape inevitably changes.
The connection between the host OS and the guest OS are the most helpful of the “default” configurations, and they’re also a great example of what a moving target these defaults can be. When the container engine Docker was first released, the container user had to be root. This was obviously not ideal, but it was the only way one could make it work and gain a security advantage. The Docker folks corrected this by allowing containers to be managed by a nonroot user, but what if you still have a Docker configuration from those days? The Docker user must be limited in what it can access at the OS level — just enough to do the job. This is difficult enough in a public cloud, and in private clouds it can raise concerns to a whole other level, because of the lack of APIs.
And there are plenty of other security issues to consider. For example:
The following steps can help address these concerns:
DevSecOps: It is critical that security teams contribute code or, at the very least, engage in true discourse with development teams. Some organizations have figured this out and that is why there is a DevSecOps movement. The reality is that security is just another set of features, and if the security team can’t or won’t contribute, only those features …
Session expired
Please log in again. The login page will open in a new tab. After logging in you can close it and return to this page.