Do they contain any malicious software libraries? Are there any bugs? Have they been tampered with? If you don’t know the answers to these questions, you’re leaving your organisation open to vulnerabilities.
Maintaining container security is challenging. Containers don’t have the same architecture as traditional operating systems and virtual machines, making it more difficult to collect “host” evidence. Containers also lack the “snapshot” function that gives you a forensic copy of its memory, file systems and related components.
To make matters worse, containers have short lifespans, so you might not discover a problem before the container is shut down and replaced.
However, there are a few precautions you can take to combat these challenges. Incorporate image scanning, utilise process monitoring and incorporate configuration assessment tools. Whatever you do, make sure to develop and implement a comprehensive container security strategy.
Without one, your plan will be no better than rummaging through your company’s fridge, checking container by container to see if everything adds up. By that point, it’s likely too late. Contain your container situation. It’s better than the alternative.