Fundamental Technology Concepts that Protect Containerized Applications
An O'Reilly Animal Series Book written by Liz Rice, VP of Open Source at Aqua Security
To facilitate scalability and resilience, many organizations now run applications in cloud native environments using containers and orchestration. But how do you know if the deployment is secure? This practical book examines key underlying technologies to help developers, operators, and security professionals assess security risks and determine appropriate solutions.
Author Liz Rice, VP of Open Source at Aqua Security, explains her motivation for writing this book:
"The idea of the book is really to explain what’s happening with containers, why there are no secure boundaries as with VMs, what does it mean for containers, why do we need vulnerability scanning and why it’s important.
My professional background is in software development and not security. I came into security having a lot of experience with containers, so understanding how they work meant that I could reason about security pretty effectively, I am a big believer in that. I don’t like the checklist approach, I want to understand how the technology works, not just follow a process.
In this book, I give people that layer underneath of understanding so they can reason for themselves. There isn’t a simple or even a complicated answer--if you understand your environment and how you use containers in your environment, you can think about how people might attack it, and how to secure it. The book educates on the importance of securing your environment and how."
I hope you enjoy the book!