{"id":2769,"date":"2018-10-22T16:18:16","date_gmt":"2018-10-22T20:18:16","guid":{"rendered":"https:\/\/solutionsreview.com\/cloud-platforms\/?p=2769"},"modified":"2018-10-22T16:18:46","modified_gmt":"2018-10-22T20:18:46","slug":"container-security-threats","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/","title":{"rendered":"Container Security Threats to Keep Track of in 2019"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-2770\" src=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg\" alt=\"container security threats\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg 800w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats-300x150.jpg 300w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats-768x384.jpg 768w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats-540x270.jpg 540w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats-162x81.jpg 162w, https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\">The enterprise technology space constantly changes as new solutions become available. Containers and Kubernetes have altered the development process forever. Since it runs directly on the OS kernel, it makes CI\/CD a possibility with fast and mobile functionality. However, security flaws hold containers back from its true potential.<\/p>\n<p style=\"text-align: justify\">Security tools certainly help reduce issues, but it\u2019s impossible to predict every new threat that arises. To understand what threats may be coming, we asked security professionals making solutions in this space. We interviewed <a href=\"https:\/\/www.alertlogic.com\/\" target=\"_blank\" rel=\"noopener\">Alert Logic<\/a> global VP of solution engineering Mark Brooks, distinguished <a href=\"https:\/\/www.ixiacom.com\/\" target=\"_blank\" rel=\"noopener\">Ixia<\/a> engineer Kris Raney, and <a href=\"https:\/\/www.twistlock.com\/\" target=\"_blank\" rel=\"noopener\">Twistlock<\/a> CTO John Morello.<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"msp-speedbump\" title=\"Download link to Managed Service Providers Buyers Guide\" href=\"https:\/\/solutionsreview.com\/cloud-platforms\/managed-service-provider-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/07\/Managed-Service-Providers-Speedbump-1.jpg\" alt=\"Download Link to Managed Service Providers Buyers Guide\" width=\"771\" height=\"170\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<h5 style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-concerns\/\" target=\"_blank\" rel=\"noopener\"><strong>Mark Brooks, Alert Logic VP of solution engineering<\/strong><\/a><\/h5>\n<p style=\"text-align: justify\">We have already witnessed customers being impacted by botnet activity as well as cryptojacking.\u00a0 There is also the age-old issue of patching. As new vulnerabilities are discovered in any container platform or containerized workload, patches are released to mitigate the vulnerability risks. If developers are not updating to the latest version, unpatched systems become an entry point for command and control as well as data exfiltration.<\/p>\n<p style=\"text-align: justify\">Perhaps the biggest challenge, however, is a failure to learn from the past. When organizations initially started to embrace virtualized environments, we learned a lot about security and how innovative attackers are. In thinking about how to address container security, it is important to avoid being seduced by faster deployment speeds and reduced costs. Security still matters and failing to address it from the beginning just means you\u2019ll pay a higher bill later in remediation costs and lost productivity in the face of an attack.<\/p>\n<h5 style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/cloud-platforms\/state-of-container-security\/\" target=\"_blank\" rel=\"noopener\"><strong>Kris Raney, Ixia distinguished engineer<\/strong><\/a><\/h5>\n<p style=\"text-align: justify\">One thing I expect to see is published, compromised container images. Effectively a trojan horse. This could be a deliberate act or just an honest mistake. But it\u2019ll happen from time to time.<\/p>\n<p style=\"text-align: justify\">The second thing I expect is techniques to weaponize innocent containers. An example of the concept is a DNS-based DDoS. You spoof a very small request to a bunch of DNS servers, and each one responds with a very large response to the victim address you spoofed as. The DNS server becomes an unwitting party in the attack. The same concept applies to microservices. \u201cIf I make this request to the service, it causes it to spam the database.\u201d<\/p>\n<p style=\"text-align: justify\">It\u2019s a specific case of a general class of threat I call \u201cillegitimate uses of legitimate channels.\u201d Superficially, the request comes in looking like any other, so you can\u2019t block it at a firewall or based on some generic rule. But hidden within it is a malicious intent, and that\u2019s only revealed by behavior. Quite possibly, it\u2019s only apparent by looking at behavior holistically across many services. The DNS-based DDoS case is an example of this, one spoofed request to one DNS server isn\u2019t noticeable and really isn\u2019t a concern. Thousands of the same request distributed across thousands of servers makes a DDoS.<\/p>\n<h5 style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/cloud-platforms\/improve-container-security\/\" target=\"_blank\" rel=\"noopener\"><strong>John Morello, Twistlock CTO<\/strong><\/a><\/h5>\n<p style=\"text-align: justify\">For the majority, the softest target is still your own apps. \u00a0Whether you run those apps in containers or only in VMs, attackers will gravitate towards the path of least resistance. \u00a0So, it\u2019s less about what new threats come from containers and more about whether you capitalize on the security advantages containers and a cloud native security platform can provide. Manually creating firewall and IDS rules, or learning about vulnerabilities after deployment, is the wrong approach.<\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"msp-speedbump\" title=\"Download link to Managed Service Providers Buyers Guide\" href=\"https:\/\/solutionsreview.com\/cloud-platforms\/managed-service-provider-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" src=\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/07\/Managed-Service-Providers-Speedbump-1.jpg\" alt=\"Download Link to Managed Service Providers Buyers Guide\" width=\"771\" height=\"170\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The enterprise technology space constantly changes as new solutions become available. Containers and Kubernetes have altered the development process forever. Since it runs directly on the OS kernel, it makes CI\/CD a possibility with fast and mobile functionality. However, security flaws hold containers back from its true potential. Security tools certainly help reduce issues, but [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":2770,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2],"tags":[750,809,115,900,901,793,248,215],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Container Security Threats to Keep Track of in 2019<\/title>\n<meta name=\"description\" content=\"We chatted with three security professionals to learn about potential container security threats enterprises might be dealing with soon.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Doug Atkinson\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/\",\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/\",\"name\":\"Container Security Threats to Keep Track of in 2019\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg\",\"datePublished\":\"2018-10-22T20:18:16+00:00\",\"dateModified\":\"2018-10-22T20:18:46+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\"},\"description\":\"We chatted with three security professionals to learn about potential container security threats enterprises might be dealing with soon.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg\",\"width\":800,\"height\":400,\"caption\":\"container security threats\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/cloud-platforms\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Container Security Threats to Keep Track of in 2019\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#website\",\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/\",\"name\":\"Best Enterprise Cloud Strategy Tools, Vendors, Managed Service Providers, MSP and Solutions\",\"description\":\"Guides, Analysis and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/cloud-platforms\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae\",\"name\":\"Doug Atkinson\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g\",\"caption\":\"Doug Atkinson\"},\"description\":\"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.\",\"sameAs\":[\"https:\/\/solutionsreview.com\"],\"url\":\"https:\/\/solutionsreview.com\/cloud-platforms\/author\/doug-atkinson-4\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Container Security Threats to Keep Track of in 2019","description":"We chatted with three security professionals to learn about potential container security threats enterprises might be dealing with soon.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/","twitter_misc":{"Written by":"Doug Atkinson","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/","url":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/","name":"Container Security Threats to Keep Track of in 2019","isPartOf":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg","datePublished":"2018-10-22T20:18:16+00:00","dateModified":"2018-10-22T20:18:46+00:00","author":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae"},"description":"We chatted with three security professionals to learn about potential container security threats enterprises might be dealing with soon.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#primaryimage","url":"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg","contentUrl":"https:\/\/solutionsreview.com\/cloud-platforms\/files\/2018\/10\/container-security-threats.jpg","width":800,"height":400,"caption":"container security threats"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/container-security-threats\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/cloud-platforms\/"},{"@type":"ListItem","position":2,"name":"Container Security Threats to Keep Track of in 2019"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#website","url":"https:\/\/solutionsreview.com\/cloud-platforms\/","name":"Best Enterprise Cloud Strategy Tools, Vendors, Managed Service Providers, MSP and Solutions","description":"Guides, Analysis and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/cloud-platforms\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/5992f02d38e7b28251ad933cd131dcae","name":"Doug Atkinson","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/cloud-platforms\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/092cfcbe5c7f2c185c21f152aada2d2f?s=96&d=blank&r=g","caption":"Doug Atkinson"},"description":"An entrepreneur and executive with a passion for enterprise technology, Doug founded Solutions Review in 2012. He has previously served as a newspaper boy, a McDonald's grill cook, a bartender, a political consultant, a web developer, the VP of Sales for e-Dialog - a digital marketing agency - and as Special Assistant to Governor William Weld of Massachusetts.","sameAs":["https:\/\/solutionsreview.com"],"url":"https:\/\/solutionsreview.com\/cloud-platforms\/author\/doug-atkinson-4\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/posts\/2769"}],"collection":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/comments?post=2769"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/posts\/2769\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/media\/2770"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/media?parent=2769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/categories?post=2769"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/cloud-platforms\/wp-json\/wp\/v2\/tags?post=2769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}