Container Security - GAVS Technologies



Containers are different from Virtual Machines, where VMs need a guest operating system, running on a host operating system, where CPU, Memory, and disk are virtualized. Here, software and its dependencies are packaged. 

Containers Image Vulnerabilities

Here, an image may be patched without known vulnerabilities initially. But later, a vulnerability might have been discovered while the container image is no longer patched. In traditional systems, updates should be upstreamed in the images, and then deployed again, therefore, containers have vulnerabilities because of the older image version which is deployed.

Countermeasures - To get actionable and reliable results we need to use tools that have been designed to assess containers and to avoid container image misconfiguration, you need to validate the image configuration before deploying.

Embedded Malware and Clear Text Secrets

Container images are collections of files packaged together, having chances of malicious files getting added unintentionally or intentionally, that have the same effect as of the traditional systems.

Countermeasures - Continuous monitoring of all images for embedded malware with signature and behavioral detection.

Use of Untrusted Images

The use of untrusted images may lead teams to run container images from a third party without having validation, which results in the introduction of data leakage and malware.

Countermeasures - Should maintain and use only trusted images.

Registry Risks

1. Insecure connections to registries

If connections to registries are performed via insecure channels, it can lead to attacks. Configure development tools to connect over the encrypted medium to overcome the unsecured connection issue.

2. Insufficient authentication and authorization restrictions

Insufficient authentication and authorization will expose technical details of an app and loss of intellectual property. Authorization controls need to be enabled to avoid authentication and authorization risks.

Orchestrator Risks

1. Unbounded administrative access

Orchestrators should be given the required access with proper authorization to avoid unbounded administrative access.

2. Poorly separated inter-container network traffic

Here orchestrators need to configure separate network traffic as per the sensitivity levels in the virtual networks.

3. Orchestrator node trust

Orchestration should be configured securely for nodes and apps.

Container Risks

1. App vulnerabilities

Container aware tool is required that detects behavior and anomalies in the app to find and mitigate.

2. Rogue containers

A separate environment for development, test, production, and role-based access control is required to overcome this risk.

Host OS Risks

1. Large attack surface

The NIST SP 800-123 guide can be followed to minimize the attack surface.

2. Shared kernel

Here, libraries and packages are needed to run a web server or a database.

Read more about such containers and their vulnerabilities and securities from this blog by one of the best cybersecurity services companies in the USA, GAVS Technologies - https://www.gavstech.com/container-security/

Comments

Post a Comment

Popular posts from this blog

Smart Spaces Tech Trends for 2020

Image
With the outbreak of COVID-19, the world has experienced a disruption in our daily lives and has required us to be more connected through digital spaces. There are certain trends that have thus emerged that bridge humans to the digital world. This blog hereby summarises such ‘ Smart Space s’ that are trending digital transformation solutions in the current times. Some of these trends include Empowered Edge Technology, Distributed Cloud Computing, Autonomous Things, Practical Blockchain, and Artificial Intelligence (AI) Security. Empowered Edge Technology is about moving towards a smarter, faster and more flexible computing topology for processing and storing data Distributed Cloud Computing is regarding the distribution of public cloud services to different locations outside the cloud providers’ data centers, while the originating public cloud provider assumes responsibility for the operation, governance, maintenance and updates. As per the author, such computing is expect
Read more

EHR Modernization: Health Data Management & Interoperability

Image
Electronic Health Records are the backbone of the healthcare industry. They are more efficient, accurate, and secure than paper records. These records are not only helpful to physicians in providing better care for their patients but also help in reducing medical errors. Hospitals need to modernize their EHR systems because they can't afford to be left behind in this era of digitization. A new generation of health care providers is more comfortable with technology and they want future generations to grow up with technology as well. Electronic health records can be a great tool for doctors and nurses in the medical field to have a better overview of patients. It can also help with data management, medical research, and other aspects of healthcare. One of the most important parts of this process is that hospitals should take into account the needs of their staff. This way they can get their employees up to speed on these new systems and make sure they can use them efficiently. We Hel
Read more

RASA – an Open Source Chatbot Solution

Image
Conversational agents or chatbots are the current trends which is followed by the organizations as their first line of support for reducing the response time. The initial generation of bots was not very smart as they understood only a limited set of queries. Different Chatbot platforms are: -         DialogFlow vs.  RASA DialogFlow: -         Formerly known as API -         It does almost everything what chatbots generally do -         Entities and intents classification is handled by DialogFlow -         Lacks end-user management -         It allows webhooks for fulfillment -         Its robust API allows defining intents and entities -         Hosts data in clouds -         On-premise operation is not possible RASA is an open-source machine learning the tool used by developers and product teams for expanding bots ability to answer more than just simple questions. RASA’s Terminologies: -           Intent: It is the basic intention
Read more