Container security has become a hot topic as an increasing number of enterprises look to use container platforms. It seems each week an established container, cloud, or security company is rolling out a new product or update.
This is interesting because containers are often considered secure by their basic construction: they are small, and they often exist for only a brief period of time, which reduces the so-called “attack vector” available to someone attempting to compromise a container.
From a high level, Gartner has explained that container security concerns are often due to the deployment method and not necessarily the technology itself. This is the “bad code in, bad code out” mantra often cited as the weak link in container deployments.
“Containers are not inherently unsecure, but they are being deployed in an unsecure manner by developers, with little or no involvement from security teams, and little guidance from security architects,” the analyst firm said. “Traditional network and host-based security solutions are blind to containers.”
Be that as it may, Adrian Lane, analyst and CTO at Securosis, recently cited five overarching danger points within a container environment that are vulnerable to attack.
“Some threats and issues are well-known, some are purely lab proofs of concept, and others are threat vectors which attackers have yet to exploit – typically because there is so much low-hanging fruit elsewhere,” Lane warned.
Threats to the Build Environment
Lane said this is often the least secured part of the container lifecycle and an easy place for malicious code to be inserted. The build environment is where developers are typically the most hands-on and thus an area where they look to speed up work at the expense of security.
This also builds on the coding challenges facing developers. One false move here can have wide-ranging implications.
Container Workloads and Content
Containers are built using images stored in a host or orchestrator. These images are core to a running container, and a corrupted image can lead to a widespread security breakdown.
Alok Ojha, senior director of products at CloudPassage, explained that while containers themselves have a small attack vector, if a specific image used to construct a container is attacked, it could be spread to the entire container cluster. He did explain that while that could lead to a widespread attack, that sort of attack should be easy to fix as only a single image needs to be taken care of.
Containers are short-lived entities designed to execute a specific function over a fairly short period of time. However, a security breach can result in a container running for longer than scheduled, providing access to, or dumping out, the sensitive data held inside that container.
A number of security firms have noted that basic checks of a container’s running status can highlight whether a container deployment has been breached. If a container meant to be short-lived has been running for a week, you might want to check it.
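As an added illustration of that status check (example code written for this page, not from the article or any vendor it quotes): a small Python script that flags running containers whose uptime exceeds the lifetime expected for their workload. The record shape mirrors `docker inspect` fields (`State.StartedAt`, `Config.Labels`), while the `expected.max_runtime_hours` label name and the sample records are constructed assumptions.

```python
# Added example (not from the article): flag containers that have run far longer
# than their workload is expected to. Records mirror the shape of `docker inspect`
# output (State.StartedAt, Config.Labels); the label "expected.max_runtime_hours"
# is a constructed convention, not a Docker or Kubernetes standard.
from datetime import datetime, timedelta, timezone

DEFAULT_MAX_HOURS = 24  # assumed fallback when a workload carries no label


def parse_started_at(ts: str) -> datetime:
    """Parse the RFC 3339 timestamp Docker emits (nanosecond fraction, trailing Z)."""
    ts = ts.rstrip("Z")
    base, _, frac = ts.partition(".")
    dt = datetime.strptime(base, "%Y-%m-%dT%H:%M:%S")
    if frac:
        # Python only keeps microseconds; truncate Docker's nanosecond fraction.
        dt = dt.replace(microsecond=int(frac[:6].ljust(6, "0")))
    return dt.replace(tzinfo=timezone.utc)


def find_overrunning(containers, now: datetime):
    """Return (name, hours_running, allowed_hours) for running containers past their limit."""
    findings = []
    for c in containers:
        state = c.get("State", {})
        if not state.get("Running"):
            continue  # stopped or exited containers are out of scope for this check
        labels = c.get("Config", {}).get("Labels") or {}
        allowed = float(labels.get("expected.max_runtime_hours", DEFAULT_MAX_HOURS))
        hours = (now - parse_started_at(state["StartedAt"])) / timedelta(hours=1)
        if hours > allowed:
            findings.append((c["Name"].lstrip("/"), round(hours, 1), allowed))
    return findings


# Constructed sample records: a 3-hour batch job has been running for 7 days.
SAMPLE = [
    {"Name": "/etl-batch", "State": {"Running": True, "StartedAt": "2024-03-01T08:00:00.123456789Z"},
     "Config": {"Labels": {"expected.max_runtime_hours": "3"}}},
    {"Name": "/web-frontend", "State": {"Running": True, "StartedAt": "2024-03-08T06:00:00Z"},
     "Config": {"Labels": {"expected.max_runtime_hours": "168"}}},
    {"Name": "/old-exited", "State": {"Running": False, "StartedAt": "2024-01-01T00:00:00Z"},
     "Config": {"Labels": {}}},
]
NOW = datetime(2024, 3, 8, 8, 0, tzinfo=timezone.utc)  # constructed "current time"

if __name__ == "__main__":
    for name, hours, allowed in find_overrunning(SAMPLE, NOW):
        print(f"{name}: running {hours}h, expected at most {allowed}h -> investigate")
```

In a real deployment the records would come from `docker inspect` (or the equivalent pod status from the orchestrator) and the finding would feed an alert rather than a print.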
Operating System Security
Container-specific operating systems (OS) allow multiple containers to share the same OS without the need for a hypervisor to oversee each container. Analysts say the leanness of a container OS is needed in order to support the DevOps speed at which companies are looking to launch services.
“Given the scale at which such applications run, it’s important to keep the OS as lean as possible since each unnecessary file will effectively be replicated for each container, which quickly adds up,” Cowen and Company explained in a research report. The firm noted this model is also known as “just enough operating system.”
However, because a single container OS underpins every container on a host, it must be securely configured in order to ensure security across the whole deployment.
“Security is a particularly challenging issue for production container deployments,” Gartner noted in a recent report. “The integrity of the shared host OS kernel is critical to the integrity and isolation of the containers that run on top of it. A hardened, patched, minimalist OS should be used as the host OS, and containers should be monitored on an ongoing basis for vulnerabilities and malware to ensure a trusted service delivery.”
Orchestration Management Security
Orchestration management security has drawn considerable interest. The Kubernetes community, for instance, has touted enhanced security as core to most of its recent updates.
Lane noted that while the development and maturity of Kubernetes as a container orchestrator has allowed for broader container adoption, it has also led to a false sense of security.
“Like many software products, the focus of orchestration tools is scalability and ease of management – not security,” Lane wrote.
While the Kubernetes community has been aggressive in rolling out updates, some have taken orchestration management security a step further.
Capital One Financial late last year released a beta version of its Critical Stack container orchestration platform promising increased security compared with traditional offerings.
Critical Stack President Liam Randall said Kubernetes is a good first step for organizations looking to tackle container orchestration. However, it continues to lack the depth of support for more detailed deployments.
“Kubernetes solves the first half of the container orchestration challenge for the enterprise,” Randall said. “If you’re an enterprise, you’ve got a whole host of other concerns that remain unanswered that you must solve – security, compliance, and enterprise integration.”