Re: Not the final word, but a step in the direction of full confidence
Charlie as you say here, and also one of the issues not discussed in the Gartner report, is that Docker does not limit access to root processes or system vulnerabilities. In other words, application security controls are still necessary when using containers. One way to address this problem is to put Runtime Application Self-Protection (RASP) inside the container. This enables an approach we call Bring Your Own Security (BYOS), since security controls follow the applications regardless of where they are deployed and performs activity monitoring, policy enforcement and attack blocking at runtime. It enables organizations to protect applications in the cloud and containers against exploits that target vulnerabilities in third party libraries and malicious activity including SQL Injection, abnormal file manipulation or unexpected network connections. Do you think that portable secure containers are a good way to provide confidence when running your apps on the cloud?