Securosis: Assembling a Container Security Program
In this comprehensive research, security analysts Securosis provide a complete overview of the security implications of using virtual containers.
The report outlines:
- Potential security threats to containers
- How to secure the build pipeline
- How to secure container contents
- Protecting containers in runtime
- Monitoring and auditing
From the report: "The burden of securing containers falls across Development, Operations, and Security teams — but these groups are not always certain how to tackle the issues. This research is intended to aid security practitioners, developers, and IT operations teams in selecting container security tools and approaches."