Container Security

From a commercial idea to online application in the blink of an eye

Dev-op teams use more and more containers in their development strategy these days, and the development of cloud-native applications has become easier and therefore faster. The cumbersome process of moving the application from test to production has been significantly streamlined.

All the features required to run the application are present in the container itself, and a container application can easily be moved over virtual machines, traditional servers in local data centers, or the public cloud environment.

Because of all their advantages, containers are an integral part of today’s application development process.

Arnold Stam
Arnold Stam

Need more information?
We are happy to help.

+31 (0)33 4500 370
info@kahuna.eu

Container security deserves full attention

From a cybersecurity point of view, container environments bring with them new areas of interest such as images, containers, host, runtimes, registries, and orchestration platforms.

Container security features

Monitoring

A good container security solution must have meticulously monitoring of the container environment. The dynamic nature of the container environment requires continuous insight into the present but volatile components that cause vulnerabilities.

Scanning

Containers should be continuously scanned for vulnerabilities. Every day, vulnerabilities are added to the same container application code.

Firewall

A container firewall inspects and protects all traffic to and from the containers as well as traffic to and from external networks and legacy applications.

 

Policy engines

Based on the security policy, a consistent choice must be made as to who and what has access to the widely distributed microservices in the scattered container environment.

Containers themselves also bring security benefits.

The time-consuming process of patching vulnerabilities is greatly accelerated because containers are quickly created, removed, and moved. Instead of having to wait for the right moment, which can take months, the patch of containers is by nature executed earlier. This significantly reduces the period of vulnerability due to the lack of opportunity to install the patch.

Cybersecurity automation
A contradictory situation is arising in the security landscape. There’s a growing shortage of security specialists while the number of applications that need to be secured is growing quickly.

In the long run, this can only be solved by outsourcing to a security broker such as Kahuna, which uses automated tools to assess incidents, and to only have threats that pose a serious threat to the company’s core activities manually investigated and mitigated by analysts (see Detection Controls, Risk-based Monitoring).

Container Security

Kahuna container security offerings

Kahuna supports two container security lines

Palo Alto Networks container security is a logical successor of the non-premise firewall line to the VM environment.  All NGFW features are also available for container and serverless computing environments.

Find out what we can do for you!

Challenge our experts with the security struggles your business is facing.

Kahuna Newsletter