Container Security Essentials
Basics of Containers and Container Security
Ankit Wasnik
Solution Architect, Qualys, Inc.
Qualys, Inc. Confidential Presentation. Internal Only.
Agenda
Introduction to Containers
Container Security Overview
Introduction to Containers
Containers are changing the IT landscape
Source: Datadog. Docker hosts run an average of 7 containers; 25% of companies run 14+ containers.
Why Containers
• Less overhead
• Run Anywhere
• Isolation
• More consistent operation
• Greater efficiency
08 August 2019
What are Containers?
A logical packaging mechanism for your applications.
A methodology that decouples applications from operating systems.
Containers are often compared with virtual machines, but containers offer a far more lightweight unit for developers and IT Ops teams to work with, carrying a myriad of benefits.
Diagram: the virtual machine stack (Infrastructure, Host Operating System, Hypervisor, then one Guest OS plus Bins/Libs for each of App 1, App 2 and App 3) beside the container stack (Infrastructure, Host Operating System, Docker Engine, then Bins/Libs for each of App 1, App 2 and App 3, with no guest OS per application).
Container Deployment Models
Diagram: on virtual machines (Server, Host Operating System, VM Hypervisor; each Virtual Machine runs Linux, Docker Engine and Libraries with its own containers, App A/B/C in one VM and App D/E/F in the other) versus on a bare metal server (Server, Host Operating System, Docker Engine, Libraries, with App A through App F running as containers on the same engine).
Container Components & Lifecycle
Diagram: Dockerfile → Image → Image Registry → Containers. The built image (tagged myApache:2.2:Latest in the diagram) is pushed to a registry and then run on a host or VM with Docker Engine, on premises or in public clouds (for example an AWS EC2 instance), or on AWS ECS (Elastic Container Service).
Dockerfile from the diagram:
    # Apache image
    FROM ubuntu:12.04
    RUN apt-get update
    RUN apt-get install -y apache2
    ENV APACHE_RUN_USER www-data
Container Security
Challenge, Threats and Goals
Containers Bring Unique Security Challenges
Unlike traditional environments:
• Deployed in hyperscale (large scale x 'n' microservices per application)
• Open development practices (docker pull centos:latest)
• Network communications are host independent, with container-to-container communication; traditional HIDS and HIPS don't work here
• Deployments are highly elastic and can be extremely ephemeral
• No patching: update the source definition and swap the container out
Container Risks/Threats
Impacts on the security program
1. Un-validated external software
2. Non-standard configurations
3. Lack of deployment hygiene
4. Unmonitored container-to-container communication (East-West traffic)
5. Untracked ephemeral instances
6. Unauthorized access (lack of proper governance)
Security program areas affected: Vulnerability Mgmt., Compliance, Container Firewall (Layer 3), GRC, Asset Mgmt. + GRC
Container Threat Vector - 1
Un-validated external software
• Deploy static binary code analysis for any custom code components as they are integrated into the build
• Detect vulnerabilities and harden images in the automated build pipeline using image scanning solutions
• Set up private image repositories
Container Threat Vector - 2
Non-standard configurations
• Run CIS standard compliance checks for Docker environments
• Upgrade the Docker engine to the latest version possible to avoid known security vulnerabilities
• Only allow approved host OSs by creating Gold Builds that are pre-hardened with up-front compliance checks
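As an added example (not from the deck and not a Qualys tool), a Python audit of a Docker daemon.json against checks drawn from the daemon-configuration section of the CIS Docker Benchmark; both configuration files are constructed samples, and the certificate paths in the hardened one are placeholders.

```python
import json
from typing import List

# Constructed sample of /etc/docker/daemon.json as found on an unhardened host
# (example data, not taken from any real system).
WEAK_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"],
  "log-level": "debug",
  "experimental": true
}
"""

# The same file after hardening along the lines of the CIS Docker Benchmark
# daemon-configuration section (constructed; certificate paths are placeholders).
HARDENED_DAEMON_JSON = """
{
  "hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
  "tlsverify": true,
  "tlscacert": "/etc/docker/ca.pem",
  "tlscert": "/etc/docker/server-cert.pem",
  "tlskey": "/etc/docker/server-key.pem",
  "icc": false,
  "userns-remap": "default",
  "live-restore": true,
  "userland-proxy": false,
  "no-new-privileges": true,
  "log-level": "info",
  "experimental": false
}
"""


def audit_daemon_config(config: dict) -> List[str]:
    """Return a list of findings; an empty list means every check passed.

    Each check maps to a recommendation in the daemon-configuration section of
    the CIS Docker Benchmark (item numbers differ between benchmark versions,
    so they are not quoted). The keys are the real daemon.json keys.
    """
    findings = []

    # Default is icc=true: every container on the default bridge can reach
    # every other one, which defeats east-west monitoring.
    if config.get("icc", True) is not False:
        findings.append("icc is not false: unrestricted container-to-container traffic on the default bridge")

    # User namespaces map root inside the container to an unprivileged host uid.
    if not config.get("userns-remap"):
        findings.append("userns-remap is unset: container root is host root")

    # Keeps containers running across daemon restarts, so upgrading the engine
    # (the second bullet above) does not force an outage.
    if config.get("live-restore") is not True:
        findings.append("live-restore is not true")

    if config.get("userland-proxy", True) is not False:
        findings.append("userland-proxy is not false")

    if config.get("no-new-privileges") is not True:
        findings.append("no-new-privileges is not true: setuid binaries can gain privileges inside containers")

    if config.get("log-level", "info") not in ("info", "warn", "error", "fatal"):
        findings.append(f"log-level {config.get('log-level')!r} is noisier than 'info'")

    if config.get("experimental") is True:
        findings.append("experimental features are enabled")

    # A TCP listener without TLS client verification exposes the daemon API,
    # which is equivalent to root on the host, to anyone who can reach the port.
    tcp_hosts = [h for h in config.get("hosts", []) if h.startswith("tcp://")]
    if tcp_hosts:
        if config.get("tlsverify") is not True:
            findings.append(f"daemon listens on {', '.join(tcp_hosts)} without tlsverify")
        elif not config.get("tlscacert"):
            findings.append("tlsverify is set but no tlscacert is configured")

    return findings


def audit_daemon_json(text: str) -> List[str]:
    """Parse daemon.json text and audit it."""
    return audit_daemon_config(json.loads(text))


if __name__ == "__main__":
    for label, text in (("weak", WEAK_DAEMON_JSON), ("hardened", HARDENED_DAEMON_JSON)):
        findings = audit_daemon_json(text)
        print(f"{label}: {len(findings)} finding(s)")
        for finding in findings:
            print("  -", finding)
```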
Container Threat Vector - 3
Container to Container traffic
• Require container-specific intrusion monitoring tools that analyze traffic between containers
• Utilize an updated IDS to detect anomalies and process them through the approved SOC exception handling process
• Maintain a whitelist of container actions to allow approved applications and services; extend the solution to quarantine/block un-approved containers from spinning up
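Added example, not part of the presentation: a Python allowlist check over constructed east-west flow records for a three-tier application, which flags both connections outside the approved edges and containers running images that are not on the whitelist at all. The registry.internal image names and the flow record shape are assumptions; a real sensor would collect the flows from the host.

```python
from collections import namedtuple

# One observed container-to-container connection (constructed record shape;
# a real sensor would derive these from the host's network namespaces or conntrack).
Flow = namedtuple("Flow", "src_name src_image dst_name dst_image dst_port")

# Approved east-west edges for a constructed three-tier application:
# (source image repository, destination image repository, destination port).
ALLOWED_EDGES = {
    ("registry.internal/web", "registry.internal/api", 8080),
    ("registry.internal/api", "registry.internal/db", 5432),
}
# Any image repository not named in the edge policy is not approved to run at all.
APPROVED_REPOS = {repo for edge in ALLOWED_EDGES for repo in edge[:2]}

# Constructed sample flows (hypothetical container names and images).
SAMPLE_FLOWS = [
    Flow("web-1", "registry.internal/web:1.4.2", "api-1", "registry.internal/api:2.0.1", 8080),
    Flow("api-1", "registry.internal/api:2.0.1", "db-1", "registry.internal/db:11", 5432),
    # Front end talking straight to the database: both images approved, edge is not.
    Flow("web-1", "registry.internal/web:1.4.2", "db-1", "registry.internal/db:11", 5432),
    # Container started from a public image that is not on the whitelist.
    Flow("scratch-1", "docker.io/library/centos:latest", "db-1", "registry.internal/db:11", 5432),
]


def image_repo(image: str) -> str:
    """Reduce 'registry/repo:tag' or 'registry/repo@sha256:...' to 'registry/repo'."""
    image = image.split("@", 1)[0]
    head, sep, tail = image.rpartition("/")
    return head + sep + tail.split(":", 1)[0]  # ':' in the last component is a tag, not a registry port


def classify(flow: Flow) -> str:
    """Return 'allowed', 'unapproved-edge' or 'unapproved-container'."""
    src, dst = image_repo(flow.src_image), image_repo(flow.dst_image)
    if src not in APPROVED_REPOS or dst not in APPROVED_REPOS:
        return "unapproved-container"
    if (src, dst, flow.dst_port) in ALLOWED_EDGES:
        return "allowed"
    return "unapproved-edge"


def evaluate(flows):
    """Group flows by verdict and list the container names that should be quarantined."""
    report = {"allowed": [], "unapproved-edge": [], "unapproved-container": []}
    quarantine = set()
    for flow in flows:
        verdict = classify(flow)
        report[verdict].append(flow)
        if verdict == "unapproved-container":
            # Quarantine whichever side of the connection runs the unapproved image.
            for name, image in ((flow.src_name, flow.src_image), (flow.dst_name, flow.dst_image)):
                if image_repo(image) not in APPROVED_REPOS:
                    quarantine.add(name)
    return report, sorted(quarantine)


if __name__ == "__main__":
    report, quarantine = evaluate(SAMPLE_FLOWS)
    for verdict, flows in report.items():
        for flow in flows:
            print(f"{verdict:21} {flow.src_name} -> {flow.dst_name}:{flow.dst_port}")
    print("quarantine:", quarantine)
```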
Container Threat Vector - 4
Untracked ephemeral instances
• Containers' average lifetimes are much shorter than those of virtual machines (a few hours/days vs. weeks/months/years)
• Deploy tools to track events on Docker hosts
• Collect and review container, parent image and orchestration tool information (Kubernetes, Mesos)
• Effective incident response requires this data for reviewing past activity, identifying who did what and setting up forensic actions
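Added example (not from the deck): rebuilding a container inventory from `docker events --format '{{json .}}'` output so that a container which has already been destroyed still shows up when incident response asks what was running at a given time. The event lines are constructed samples in that format; container IDs, names and timestamps are made up.

```python
import json
from typing import Dict, List, Optional

# Constructed lines in the shape written by `docker events --format '{{json .}}'`.
# IDs, names and timestamps are made up; centos:latest mirrors the
# "docker pull centos:latest" habit called out earlier in the deck.
SAMPLE_EVENTS = r"""
{"status":"pull","id":"centos:latest","Type":"image","Action":"pull","Actor":{"ID":"centos:latest","Attributes":{"name":"centos"}},"scope":"local","time":1565251180,"timeNano":1565251180000000000}
{"status":"create","id":"a1b2c3d4e5f6","from":"registry.internal/api:2.0.1","Type":"container","Action":"create","Actor":{"ID":"a1b2c3d4e5f6","Attributes":{"image":"registry.internal/api:2.0.1","name":"api-1"}},"scope":"local","time":1565251200,"timeNano":1565251200000000000}
{"status":"start","id":"a1b2c3d4e5f6","from":"registry.internal/api:2.0.1","Type":"container","Action":"start","Actor":{"ID":"a1b2c3d4e5f6","Attributes":{"image":"registry.internal/api:2.0.1","name":"api-1"}},"scope":"local","time":1565251201,"timeNano":1565251201000000000}
{"status":"create","id":"0f1e2d3c4b5a","from":"centos:latest","Type":"container","Action":"create","Actor":{"ID":"0f1e2d3c4b5a","Attributes":{"image":"centos:latest","name":"scratch-1"}},"scope":"local","time":1565251300,"timeNano":1565251300000000000}
{"status":"start","id":"0f1e2d3c4b5a","from":"centos:latest","Type":"container","Action":"start","Actor":{"ID":"0f1e2d3c4b5a","Attributes":{"image":"centos:latest","name":"scratch-1"}},"scope":"local","time":1565251301,"timeNano":1565251301000000000}
{"status":"die","id":"0f1e2d3c4b5a","from":"centos:latest","Type":"container","Action":"die","Actor":{"ID":"0f1e2d3c4b5a","Attributes":{"exitCode":"0","image":"centos:latest","name":"scratch-1"}},"scope":"local","time":1565251421,"timeNano":1565251421000000000}
{"status":"destroy","id":"0f1e2d3c4b5a","from":"centos:latest","Type":"container","Action":"destroy","Actor":{"ID":"0f1e2d3c4b5a","Attributes":{"image":"centos:latest","name":"scratch-1"}},"scope":"local","time":1565251422,"timeNano":1565251422000000000}
"""


def build_inventory(event_lines: str) -> Dict[str, dict]:
    """Fold container lifecycle events into one record per container ID.

    After the 'destroy' event the container no longer appears in `docker ps -a`,
    so this event-derived record is the only trace of it left on the host.
    """
    inventory: Dict[str, dict] = {}
    for raw in event_lines.strip().splitlines():
        ev = json.loads(raw)
        if ev.get("Type") != "container":
            continue  # image, network and volume events are not tracked here
        attrs = ev["Actor"]["Attributes"]
        rec = inventory.setdefault(ev["id"], {
            "id": ev["id"], "name": attrs.get("name"), "image": attrs.get("image"),
            "created": None, "started": None, "died": None, "destroyed": None,
            "exit_code": None,
        })
        ts = ev["time"]  # unix seconds; timeNano gives sub-second ordering if needed
        action = ev["Action"]
        if action == "create":
            rec["created"] = ts
        elif action == "start":
            rec["started"] = ts
        elif action == "die":
            rec["died"] = ts
            rec["exit_code"] = attrs.get("exitCode")
        elif action == "destroy":
            rec["destroyed"] = ts
    return inventory


def lifetime_seconds(rec: dict) -> Optional[int]:
    """Seconds between start and die; None while the container is still running."""
    if rec["started"] is None or rec["died"] is None:
        return None
    return rec["died"] - rec["started"]


def running_at(inventory: Dict[str, dict], ts: int) -> List[str]:
    """Names of containers that were up at unix time ts ('what was running then?')."""
    return sorted(
        rec["name"] for rec in inventory.values()
        if rec["started"] is not None and rec["started"] <= ts
        and (rec["died"] is None or rec["died"] > ts)
    )


if __name__ == "__main__":
    inv = build_inventory(SAMPLE_EVENTS)
    for rec in inv.values():
        print(rec["name"], rec["image"], "lifetime:", lifetime_seconds(rec),
              "destroyed:", rec["destroyed"] is not None)
    print("running at 1565251350:", running_at(inv, 1565251350))
```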
Container Threat Vector - 5
Unauthorized access
• Restrict access to public code repositories and re-direct available source libraries to private registries with pre-trusted images
• Validate trust when pulling down new images
• Segment users to specific environments and libraries with RBAC
• Deploy container-specific IPS solutions to monitor behavior in staging environments and populate a white list to pass to the IDS
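Added example (not from the deck, and not a Qualys tool): a Python policy check for image references that covers the private image repository bullet of Threat Vector 1 as well as the pre-trusted images and trust validation bullets here. It parses references with Docker's own rule for telling a registry host from a repository path; the registry host registry.internal is an assumption, and digest pinning stands in for the trust check (Docker Content Trust signatures would be the alternative).

```python
import re
from dataclasses import dataclass
from typing import List, Optional

PRIVATE_REGISTRY = "registry.internal"  # hypothetical: the organisation's private registry host
DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")


@dataclass
class ImageRef:
    registry: str
    repository: str
    tag: Optional[str]
    digest: Optional[str]


def parse_image_ref(ref: str) -> ImageRef:
    """Split '[registry/]repo[:tag][@digest]' following Docker's reference rules.

    The first path component is a registry only when it contains '.' or ':' or
    equals 'localhost'; otherwise the reference resolves to Docker Hub
    (docker.io), where single-name repositories live under 'library/'.
    """
    digest: Optional[str] = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    first, sep, rest = ref.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = "docker.io", ref
    head, sep, last = path.rpartition("/")
    tag: Optional[str] = None
    if ":" in last:  # a ':' here is a tag; a registry port was handled above
        last, tag = last.split(":", 1)
    repository = head + sep + last
    if registry == "docker.io" and "/" not in repository:
        repository = "library/" + repository
    return ImageRef(registry, repository, tag, digest)


def check_image_policy(ref: str, require_digest: bool = False) -> List[str]:
    """Return policy violations for one image reference (empty list = compliant)."""
    img = parse_image_ref(ref)
    problems = []
    if img.registry != PRIVATE_REGISTRY:
        problems.append(f"{ref}: pulled from {img.registry}, not from {PRIVATE_REGISTRY}")
    if img.digest is not None:
        if not DIGEST_RE.match(img.digest):
            problems.append(f"{ref}: malformed digest")
    else:
        if img.tag is None or img.tag == "latest":
            # A floating tag can point at different content tomorrow.
            problems.append(f"{ref}: floating tag '{img.tag or 'latest'}'")
        if require_digest:
            problems.append(f"{ref}: not pinned by digest")
    return problems


def check_dockerfile(text: str, require_digest: bool = False) -> List[str]:
    """Apply the policy to every FROM line; names of earlier build stages are skipped."""
    problems: List[str] = []
    stages = set()
    for line in text.splitlines():
        parts = line.split()
        if not parts or parts[0].upper() != "FROM":
            continue
        # FROM [--platform=...] <image> [AS <stage>]
        args = [p for p in parts[1:] if not p.startswith("--")]
        image = args[0]
        if len(args) >= 3 and args[1].upper() == "AS":
            stages.add(args[2])
        if image in stages or image == "scratch":
            continue
        problems.extend(check_image_policy(image, require_digest))
    return problems


# The deck's own Dockerfile (copied here) plus a compliant, digest-pinned FROM line.
DECK_DOCKERFILE = """\
# Apache image
FROM ubuntu:12.04
RUN apt-get update
RUN apt-get install -y apache2
ENV APACHE_RUN_USER www-data
"""
PINNED_FROM = "FROM registry.internal/apache:2.2@sha256:" + "a" * 64 + "\n"  # placeholder digest

if __name__ == "__main__":
    for ref in ("centos:latest", "ubuntu:12.04", "registry.internal/apache:2.2"):
        print(ref, "->", check_image_policy(ref, require_digest=True) or "ok")
    print(check_dockerfile(DECK_DOCKERFILE))
    print(check_dockerfile(PINNED_FROM, require_digest=True))
```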
Container Security Goals “101”
• Discovery & tracking across scale and sprawl
• Effective vulnerability management, compliance and container-native intrusion detection, prevention and firewall program
• Adaptive security that integrates into modern practices and platforms (DevSecOps)
• Update operational monitoring, patching and incident response
Container Security Solutions
Container Security Sensor Options from the Industry
Container Security – Different Tool Form Factors
Run Time Security
Container Application Visibility + Defense
Thank You
Ankit Wasnik
awasnik@qualys.com

E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 

Container Security Essentials

  • 1. Container Security Essentials: Basics of Containers and Container Security. Ankit Wasnik, Solution Architect, Qualys, Inc.
  • 2. Qualys, Inc. Confidential Presentation. Internal Only. Agenda: Introduction to Containers • Container Security Overview
  • 3. Introduction to Containers
  • 4. Let’s take a poll: Poll-1
  • 5. Containers are changing the IT landscape. Source: Datadog. Docker hosts run an average of 7 containers; 25% of companies run 14+ containers.
  • 6. Why Containers • Less overhead • Run anywhere • Isolation • More consistent operation • Greater efficiency. 08 August 2019
  • 7. What are Containers? A logical packaging mechanism for your applications; a methodology that decouples applications from operating systems. Containers are often compared with virtual machines, but containers offer a far more lightweight unit for developers and IT Ops teams to work with, carrying a myriad of benefits. Diagram: the VM stack is Infrastructure, Host Operating System, Hypervisor, then a Guest OS plus Bins/Libs for each of App 1, App 2 and App 3; the container stack is Infrastructure, Host Operating System, Docker Engine, then only Bins/Libs for each app.
  • 8. Let’s take a poll: Poll-2
  • 9. Container Deployment Models. On virtual machines: Server, Host Operating System, VM Hypervisor, then per Virtual Machine a Linux guest, Docker Engine and Libraries running App A, B, C and App D, E, F. On a bare metal server: Server, Host Operating System, Docker Engine, Libraries, with App A to F running directly on top.
  • 10. Let’s take a poll: Poll-3, 4
  • 11. Container Components & Lifecycle. Dockerfile → Image → Image Registry → Containers, run by a Docker Engine on a Host / VM (for example an AWS EC2 instance, or AWS ECS Elastic Container Service), on premises or in public clouds. Example Dockerfile for the image labelled myApache:2.2:Latest on the slide:
        # Apache image
        FROM ubuntu:12.04
        RUN apt-get update
        RUN apt-get install -y apache2
        ENV APACHE_RUN_USER www-data
  • 12. Container Security Challenges, Threats and Goals
  • 13. Containers Bring Unique Security Challenges, unlike traditional environments • Deployed at hyperscale (large scale × ‘n’ microservices per application) • Open development practices (docker pull centos:latest) • Network communications are also host independent, with container-to-container communication; traditional HIDS and HIPS don’t work • Deployments are highly elastic and can be extremely ephemeral • No patching: update the source definition and swap the container out
  • 14. Container Risks/Threats and how each impacts the security program: 1. Un-validated external software 2. Non-standard configurations 3. Lack of deployment hygiene 4. Unmonitored container-to-container communication (East–West traffic) 5. Untracked ephemeral instances 6. Unauthorized access (lack of proper governance). Program areas labelled on the slide: Vulnerability Mgmt., Compliance, Container Firewall (Layer 3), GRC, Asset Mgmt. + GRC
  • 15. Let’s take a poll: Poll-5
  • 16. Container Threat Vector 1: Un-validated external software • Deploy static binary code analysis for any custom code components as they are integrated into the build • Detect vulnerabilities and harden images in the automated build pipeline using image scanning solutions • Set up private image repositories
  • 17. Container Threat Vector 2: Non-standard configurations • Run CIS standard compliance checks for Docker environments • Upgrade the Docker engine to the latest version possible to avoid known security vulnerabilities • Only allow approved host OSs by creating Gold Builds that are pre-hardened with up-front compliance checks
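One way to put the image hygiene points of slides 13, 16 and 17 into an automated build pipeline gate, as an added example that is not part of the deck or any Qualys product: a small Dockerfile policy check that flags a base image not pulled from the private registry, an unpinned or `:latest` base tag, and a service that runs as root. The registry name and the sample Dockerfile are assumptions constructed for the example.

```python
"""Build-pipeline gate for the image hygiene points in slides 13, 16 and 17.
Added example, not the deck's or Qualys' code. Flags a base image not from
the private registry (slide 16), an unpinned or ':latest' base tag such as
'docker pull centos:latest' (slide 13), and a missing USER line, i.e. the
service runs as root (slide 17). ALLOWED_REGISTRY is an assumed placeholder."""
import re

ALLOWED_REGISTRY = "registry.internal.example"  # assumption: the private registry
FROM_RE = re.compile(r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)", re.IGNORECASE)


def parse_image_ref(ref):
    """Split 'registry/repo:tag@sha256:...' into (registry, name, tag, digest)."""
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    registry = None
    first, _, rest = ref.partition("/")
    # Docker treats the first path component as a registry only if it looks like a host.
    if rest and ("." in first or ":" in first or first == "localhost"):
        registry, ref = first, rest
    name, _, tag = ref.partition(":")
    return registry, name, (tag or None), digest


def check_dockerfile(text):
    """Return (line_no, finding) tuples; line 0 means a whole-file finding."""
    findings, has_user = [], False
    for no, line in enumerate(text.splitlines(), 1):
        m = FROM_RE.match(line)
        if m:
            registry, name, tag, digest = parse_image_ref(m.group(1))
            if name.lower() == "scratch":  # empty base image, nothing is pulled
                continue
            if registry != ALLOWED_REGISTRY:
                findings.append((no, f"base image {name} not from {ALLOWED_REGISTRY}"))
            if digest is None and tag in (None, "latest"):
                findings.append((no, f"base image {name} tag is unpinned ({tag or 'none'})"))
        elif re.match(r"^\s*USER\s+(?!root\b)\S+", line, re.IGNORECASE):
            has_user = True
    if not has_user:
        findings.append((0, "no USER instruction: container runs as root"))
    return findings


# Constructed sample: the deck's Apache Dockerfile (slide 11) with an unpinned base.
SAMPLE = "FROM ubuntu\nRUN apt-get update\nRUN apt-get install -y apache2\nENV APACHE_RUN_USER www-data\n"
if __name__ == "__main__":
    for no, msg in check_dockerfile(SAMPLE):
        print(f"line {no}: {msg}")
```

A pinned reference such as `registry.internal.example/base/ubuntu:18.04@sha256:...` plus a non-root `USER` line passes cleanly; the sample above produces three findings.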
  • 18. Container Threat Vector 3: Container-to-container traffic • Require container-specific intrusion monitoring tools that analyze traffic between containers • Utilize an updated IDS to detect anomalies and process them through the approved SOC exception handling process • Maintain a whitelist of container actions to allow approved applications and services; extend the solution to quarantine/block unapproved containers from spinning up
  • 19. Container Threat Vector 4: Untracked ephemeral instances • Containers’ average lifetimes are much shorter than virtual machines’ (a few hours/days vs. weeks/months/years) • Deploy tools to track events on Docker hosts • Collect and review container, parent image and orchestration tool information (Kubernetes, Mesos) • Effective incident response requires this data for reviewing past activity, identifying who did what and setting up forensic actions
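Slide 19's point that incident response needs a record of containers that may no longer exist, as an added example that is not part of the deck or any Qualys product: a ledger built from Docker daemon events, so a container that lived 59 seconds is still attributable to an image and a name afterwards. The event lines are constructed in the shape of `docker events --format '{{json .}}'` output; the ids, names and timestamps are made up.

```python
"""Reconstruct container lifetimes from Docker daemon events (slide 19).
Added example, not the deck's or Qualys' code. Input lines are constructed in
the shape of `docker events --format '{{json .}}'` output; ids, names and
times are made up. The ledger keeps image, name, start, end and exit code for
every container, including ones that died before any scan could see them."""
import json
from datetime import datetime, timezone

# Constructed sample: one short-lived job, one web container still running,
# and a network event that must be ignored.
SAMPLE_EVENTS = """\
{"status":"start","id":"c1","from":"centos:latest","Type":"container","Action":"start","Actor":{"ID":"c1","Attributes":{"image":"centos:latest","name":"job-17"}},"time":1565251201}
{"status":"die","id":"c1","from":"centos:latest","Type":"container","Action":"die","Actor":{"ID":"c1","Attributes":{"image":"centos:latest","name":"job-17","exitCode":"0"}},"time":1565251260}
{"Type":"network","Action":"connect","Actor":{"ID":"n1","Attributes":{"container":"c2","name":"bridge"}},"time":1565251300}
{"status":"start","id":"c2","from":"myapache:2.2","Type":"container","Action":"start","Actor":{"ID":"c2","Attributes":{"image":"myapache:2.2","name":"web"}},"time":1565251300}
"""


def build_ledger(lines):
    """Map container id -> record of image, name, first start, end, exit code."""
    ledger = {}
    for raw in lines:
        if not raw.strip():
            continue
        ev = json.loads(raw)
        if ev.get("Type") != "container":  # skip network/volume/image events
            continue
        attrs = ev["Actor"]["Attributes"]
        rec = ledger.setdefault(ev["Actor"]["ID"], {
            "image": attrs.get("image"), "name": attrs.get("name"),
            "started": None, "ended": None, "exit_code": None})
        ts = datetime.fromtimestamp(ev["time"], tz=timezone.utc)
        if ev["Action"] == "start" and rec["started"] is None:
            rec["started"] = ts
        elif ev["Action"] == "die" and rec["ended"] is None:
            rec["ended"] = ts
            rec["exit_code"] = attrs.get("exitCode")
    return ledger


def lifetime_seconds(rec):
    """Seconds the container ran, or None while it is still running."""
    if rec["started"] and rec["ended"]:
        return (rec["ended"] - rec["started"]).total_seconds()
    return None


if __name__ == "__main__":
    for cid, rec in build_ledger(SAMPLE_EVENTS.splitlines()).items():
        print(cid, rec["image"], rec["name"], lifetime_seconds(rec))
```

Feeding the real event stream in (for example by piping `docker events --format '{{json .}}'` into the script over stdin) gives the same ledger for a live host.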
  • 20. Container Threat Vector 5: Unauthorized access • Restrict access to public code repositories and redirect available source libraries to private registries with pre-trusted images • Validate trust when pulling down new images • Segment users to specific environments and libraries with RBAC • Deploy container-specific IPS solutions to monitor behavior in staging environments and populate a whitelist to pass to the IDS
  • 21. Container Security Goals “101” • Discovery & tracking across scale and sprawl • An effective vulnerability management, compliance and container-native intrusion detection, prevention and firewall program • Adaptive security that integrates into modern practices and platforms (DevSecOps) • Updated operational monitoring, patching and incident response
  • 22. Container Security Solutions
  • 23. Container Security Sensor Options from the Industry
  • 24. Let’s take a poll: Poll-6
  • 25. Container Security – Different Tool Form Factors
  • 26. Run Time Security: Container Application Visibility + Defense
  • 27. Thank You. Ankit Wasnik, awasnik@qualys.com