Containers — which are lightweight software packages that include entire runtime environments — have solved the issues of portability, compatibility and rapid, controlled deployment. Containers include an application; all its dependencies, libraries and other binaries; and configuration files needed to run them.
Heralding the era of microservices, Infrastructure as Code and service-oriented architectures (SOA), containers are supported by many of the most popular cloud infrastructures and power most mobile applications today.
In less than a decade, the application isolation concept known as containers has surged to the very forefront of cutting-edge computing technology, riding the wave of cloud computing. In the same way that x86 virtualization technology transformed data center computing, containers have redefined the best-of-breed approaches for delivering application performance at scale.
Defining the Problem
Just like any computing system, containers are made of software components, any of which can contain flaws and vulnerabilities. Vulnerability management for containers is the process of identifying, prioritizing and fixing vulnerabilities that could potentially expose containers. Exposures can easily include the other systems, applications and data to which containers are connected. Defects in these components could allow an attacker to gain control of a system and supply access to sensitive data, resulting in financial loss, reputational damage and system outages.
As the popularity of container technology increases, so does the importance of detecting and remediating vulnerabilities in the code used to create, operate and manage them.
Learn more about containers
Challenges
Where to Detect Vulnerabilities
A typical organization making use of containers follows a development pipeline that ..
Support the originator by clicking the read the rest link below.
