Odds are, software (or virtual) containers are in use right now somewhere within your organization, probably by isolated developers or development teams to rapidly create new applications. They might even be running in production. Unfortunately, many security teams don’t yet understand the security implications of containers or know if they are running in their companies.
Container-based applications introduce unique security challenges; here’s how to address them
In a nutshell, Linux container technologies such as Docker and CoreOS Rkt virtualize applications instead of entire servers. Containers are superlightweight compared with virtual machines, with no need for replicating the guest operating system. They are flexible, scalable, and easy to use, and they can pack a lot more applications into a given physical infrastructure than is possible with VMs. And because they share the host operating system, rather than relying on a guest OS, containers can be spun up instantly (in seconds versus the minutes VMs require).
Amir Jerbi is co-founder and CTO of Aqua Security, the maker of a comprehensive, purpose-built platform for container security. Prior to Aqua, Jerbi was a chief architect at CA Technologies in charge of the host-based security product line. He holds 14 patents in cloud and virtual security.