If your organisation has been considering containers, then security concerns will almost certainly be paramount. Alert Logic, an information security provider, thinks it may have the answer.
The company has launched what is claimed to be the industry’s first intrusion detection system for containers which aims to ‘bring organisations powerful new capabilities to inspect network traffic for malicious activity targeting containers’, in the company’s words.
As Alert Logic is an AWS partner, this release, as part of the company’s Cloud Defender and Threat Manager solutions, focuses on containers deployed on AWS. This does of course include Docker, Kubernetes and CoreOS, as well as Amazon’s Elastic Container Service.
The product aims to snaffle malicious activity at the network layer providing greater visibility into container attacks. According to 451 Research, organisations are delaying container adoption because of security concerns, despite a global market which could top $4 billion by 2022.
“Without real-time detection capabilities, attackers and intruders can lurk within containers installing trojans, malware, ransomware and cryptominers or even corrupting and exfiltrating data,” said Chris Noell, Alert Logic senior vice president of engineering in a statement. “Network detection is critical to providing the visibility into container attacks that other approaches miss.”
As this publication has previously explored, there have been various examples of organisations leaving applications and instances open. In February, security researchers from RedLock revealed that hackers had been running crypto mining scripts on unsecured Kubernetes instances owned by Tesla, while further research found Weight Watchers had also left Kubernetes instances open.
In June, a survey from CyberArk found that IT jobs with the word ‘Kubernetes’ in the title shot up year over year – so the need for security is evident. According to Lacework, who revealed the Weight Watchers snafu, organisations need to perform a few tasks to get up to speed with a Kubernetes security policy. Companies need to build a pod security policy, configure pods to run real-only file systems, and restrict privilege escalation, among other tips.
You can find out more about Alert Logic’s container security tools here.