What is security for containers?
Container security involves defining build, deployment, and runtime practices to protect a Linux® container. Given that so much happens within and outside of the containers, security measures must be continuous and support your organization’s overall security strategies.
Applying security to Kubernetes containers builds on the Kubernetes objects you already work with, including deployments, pods, and policies.
What will you learn?
- Security concepts for containers and Kubernetes
What you need before starting:
- Nothing, use this as a resource
Container security
Container security is not just one thing to be implemented; rather, it spans multiple points in the development cycle. Think of applying security measures to secure your supply chain, where the supply chain is your content and code traveling through your containers. With this in mind, there are several key areas to consider for security needs:
Container images
The first and most basic component of containers is the layers of files they are created out of, called container images. The base images that are used as a starting point for creating other images must be secured as a trusted resource first and foremost. A good security measure is to ensure that this image comes from a known open source group, hosted on a reputable registry, and has all source code available. On top of these precautions, container images should be scanned on a regular cadence to look out for any modifications that could compromise your overall workflows.
Access management
Another important security rule is checking that your team has the permissions they need to access the container images, while preventing access by anyone who should not have it. Role-based assignments in particular can be effective in mitigating human errors that could introduce vulnerabilities into your images.
Automated testing and deployment
After a build is completed, the resulting images should be managed according to Center for Internet Security (CIS) standards. This can be pursued through automated policies designed to raise flags on any security issues or vulnerabilities found in the build.
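As an added example (not code from the original page), the following Python script turns the image rules above into an automated policy check over a Kubernetes manifest: it flags images that do not come from an allowlisted registry, are not pinned by digest, or rely on a floating tag. The registry allowlist and the sample manifest are constructed for illustration.

```python
import re

# Constructed allowlist of registries treated as trusted (an assumption for the example).
TRUSTED_REGISTRIES = {"registry.access.redhat.com", "quay.io"}

def parse_image(ref: str) -> dict:
    """Split an image reference into registry, repo, tag and digest."""
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    registry, repo = "docker.io", ref  # Docker's default registry
    first, _, rest = ref.partition("/")
    if rest and ("." in first or ":" in first or first == "localhost"):  # host-like
        registry, repo = first, rest
    tag = None
    name, _, maybe_tag = repo.rpartition(":")
    if name and "/" not in maybe_tag:  # a ':' after the last '/' is a tag
        repo, tag = name, maybe_tag
    return {"registry": registry, "repo": repo, "tag": tag, "digest": digest}

def check_image(ref: str) -> list:
    """Return policy findings for one image reference ([] means compliant)."""
    img = parse_image(ref)
    findings = []
    if img["registry"] not in TRUSTED_REGISTRIES:
        findings.append(f"untrusted registry {img['registry']}")
    if img["digest"] is None:
        findings.append("not pinned by digest")
        if img["tag"] in (None, "latest"):
            findings.append("floating tag (resolves to :latest)")
    return findings

def scan_manifest(text: str) -> dict:
    """Map every image referenced by an `image:` key to its findings."""
    report = {}
    for line in text.splitlines():
        m = re.match(r"\s*(?:-\s*)?image:\s*['\"]?([^'\"\s]+)", line)
        if m:
            report[m.group(1)] = check_image(m.group(1))
    return report

# Constructed manifest: one digest-pinned image and one floating Docker Hub tag.
SAMPLE_MANIFEST = f"""\
spec:
  containers:
  - name: web
    image: quay.io/example/web@sha256:{'0' * 64}
  - name: sidecar
    image: example/sidecar:latest
"""
```

Running `scan_manifest(SAMPLE_MANIFEST)` reports the pinned `quay.io` image as compliant and raises three findings for the `sidecar` image.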
These options can enable your organization to secure your containers and workloads more easily. Now that you have a grasp as to what security measures can be applied to your containers, next we’ll learn the specifics of each as it applies to Kubernetes.