Enthusiasm for Docker containers continues to mount across the cloud, and the growing number of Docker containers creates some security challenges. To address this issue, Cloud Passage, a provider of software-defined security software, announced today that it is adding support for Docker containers.
Cloud Passage CTO Amrit Williams says that all the security and management issues associated with virtual machines apply even more so to Docker containers. Because Docker containers are much simpler to spin up, developers tend to set up a lot more of them than virtual machines. The attack surface of each Docker container may be smaller than that of a virtual machine, but it seems likely that there will soon be a lot more Docker containers than virtual machines.
Cloud Passage enables IT organizations to define configuration policies, assess vulnerabilities, monitor changes made to those configurations, detect intrusions, and micro-segment firewalls to secure both the core Docker Engine and a Docker container.
There has been a lot of debate from a security perspective over where a Docker container should actually run. But Williams says that regardless of whether that Docker container is deployed on a physical server, on top of a virtual machine or within a platform-as-a-service (PaaS) environment, it needs to be secured. Obviously, if it’s running on a virtual machine or a PaaS, the security framework used to secure those environments can be extended to the Docker container. Cloud Passage, says Williams, gives IT organizations a security framework that can be applied to physical servers, virtual machines or Docker containers.
At the moment, there are very few Docker containers running in production environments. But given the broad adoption of Docker containers in application development and testing environments, it’s only a matter of time before securing Docker containers that are running production applications becomes a much higher priority.