More than 94 percent of IT security professionals are concerned about the security of container technology. In the past year, at least 60 percent of the population encountered a security issue. This is the result of a study carried out by Tripwire.
Container technology is loved for its flexibility. The technology is currently being massively implemented in companies. Tripwire’s report concludes, among other things, that DevOps continues to increase the use of containers, making it difficult for security teams to secure these new assets and processes.
In addition to the already mentioned security issues, 47 percent of the respondents indicated that they had vulnerable containers in production. And 46% have no idea if that is the case at all. In addition, 71 percent expect to see container-related security incidents at their companies in the coming year. At least 42 per cent say they even tried to put the kibosh on container projects last year. This in an attempt to reduce safety risks.
Read this:Why containers are not virtual machines
Risk areas
According to IT specialist Synopsis, there are three risk areas that make containers more vulnerable than standard applications or services from the past. For example, there is talk of container insulation, which is considered to be less safe than virtual machines. This is because elements of the host operating system are shared. In addition, Synopsis talks about runtime complexities and there would be a greater need for management around vulnerabilities. According to the company, each layer in a container image is an attack surface that can contain software vulnerabilities.
Synopsis describes four specific strategies for improving container security. Focused on manual checking, running containers on virtual machines, using runtime container security and setting up vulnerability management.
IT professionals also have their thoughts about better container security. Tripwire’s report outlines the most important points:
- Incident detection and response for containers and infrastructure (52 per cent)
- Isolate containers that behave abnormally (49 percent)
- More safety-oriented monitoring of container infrastructure (48 percent)
- More visibility of container risks (48 percent)
- Monitoring of containers for drift or behavioural changes (45 percent)
- Attack blocking technologies for containers (45 per cent)
- Security tables for artificial intelligence for containers (40 percent)
- Blockchain (22 percent)
- We don’t want anything special for container security (2 percent)
Related: Kubernetes: what is it and why is it rapidly conquering the world?
This news article was automatically translated from Dutch to give Techzine.eu a head start. All news articles after September 1, 2019 are written in native English and NOT translated. All our background stories are written in native English as well. For more information read our launch article.
16 hours ago
