Gartner Gives Thumbs Up To Docker Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Comments
Gartner Gives Thumbs Up To Docker Security
Oldest First  |  Newest First  |  Threaded View
Charlie Babcock
50%
50%
Charlie Babcock,
User Rank: Author
1/14/2015 | 2:12:25 PM
Not the final word, but a step in the direction of full confidence
This doesn't resolve the issue of container security once and for all, but it's a step in that direction. The formatting provids a strict logical boundary around the application and won't be violated, even though other applications are using shared memory on the same server.
Susan_Nunziata
50%
50%
Susan_Nunziata,
User Rank: Strategist
1/14/2015 | 9:04:07 PM
How big a worry is management
@Charles: The Garnter analyst notes "Docker and Linux containers in general fall short when it comes to container management and administration."

In light of that, what advice do you have for enterprise users as they consider their options?
waratek
50%
50%
waratek,
User Rank: Apprentice
1/19/2015 | 5:50:49 AM
Re: Not the final word, but a step in the direction of full confidence
Charlie as you say here, and also one of the issues not discussed in the Gartner report, is that Docker does not limit access to root processes or system vulnerabilities. In other words, application security controls are still necessary when using containers. One way to address this problem is to put Runtime Application Self-Protection (RASP) inside the container. This enables an approach we call Bring Your Own Security (BYOS), since security controls follow the applications regardless of where they are deployed and performs activity monitoring, policy enforcement and attack blocking at runtime. It enables organizations to protect applications in the cloud and containers against exploits that target vulnerabilities in third party libraries and malicious activity including SQL Injection, abnormal file manipulation or unexpected network connections. Do you think that portable secure containers are a good way to provide confidence when running your apps on the cloud?
SaneIT
50%
50%
SaneIT,
User Rank: Ninja
1/20/2015 | 8:14:42 AM
Re: Not the final word, but a step in the direction of full confidence
@warateck, to answer the question of thinking that portable secure containers are a good way to run your apps in the cloud I'm going to go with yes, but with the understanding that it's not a set it and forget it situation.  As the blog post mentioned VM hypervisors aren't perfect either but we trust them because we know the most likely methods of compromising them and we take actions to prevent that.  Using Docker to build your app and push it out to the cloud should be treated the same way.  If you build your app then never do any checking up on it, and ignore vulnerability reports then you're no better off but if you keep those things in mind as Gartner reported it can be safe.


The State of IT & Cybersecurity Operations 2020
The State of IT & Cybersecurity Operations 2020
Download this report from InformationWeek, in partnership with Dark Reading, to learn more about how today's IT operations teams work with cybersecurity operations, what technologies they are using, and how they communicate and share responsibility--or create risk by failing to do so. Get it now!
Slideshows
IT Careers: 10 Industries with Job Openings Right Now
Cynthia Harvey, Freelance Journalist, InformationWeek,  5/27/2020
Commentary
How 5G Rollout May Benefit Businesses More than Consumers
Joao-Pierre S. Ruth, Senior Writer,  5/21/2020
News
IT Leadership in Education: Getting Online School Right
Jessica Davis, Senior Editor, Enterprise Apps,  5/20/2020
Register for InformationWeek Newsletters
Video
Current Issue
Key to Cloud Success: The Right Management
This IT Trend highlights some of the steps IT teams can take to keep their cloud environments running in a safe, efficient manner.
White Papers
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll