Cloud Passage Moves to Secure Docker Containers

    Slide Show

    Security Trends 2015: Developments in Exploits and Evasion

    Enthusiasm for Docker containers continues to mount across the cloud, and as the number of Docker containers continues to multiply, this creates some security challenges. To address this issue, Cloud Passage, a provider of software-defined security software, announced today that it is adding support for Docker containers.

    Cloud Passage CTO Amrit Williams says that all the security and management issues associated with virtual machines apply even more so to Docker containers. Because Docker containers are much simpler to spin up, developers tend to set up a lot more of them than virtual machines. The attack surface of each Docker container may be smaller than a virtual machine, but it seems that soon there will likely be a lot more Docker containers than virtual machines.

    Cloud Passage enables IT organizations to define configuration policies, assess vulnerabilities, monitor changes made to those configurations and detect intrusions and micro-segment firewalls to secure both the core Docker Engine and a Docker container.

    There has been a lot debate from a security perspective over where a Docker container should actually run. But Williams says that regardless of whether that Docker container is deployed in a physical server, on top of a virtual machine or within a platform-as-a-service (PaaS) environment, it needs to be secured. Obviously, if it’s running on a virtual machine or a PaaS, the security framework used to secure those environments can be extended to the Docker container. Cloud Passage, says Williams, gives IT organizations a security framework that can be applied to physical servers, virtual machines or Docker containers.

    At the moment, there are very few Docker containers running in production environments. But given the broad adoption of Docker containers in application development and testing environments, it’s only a matter of time before securing Docker containers that are running production applications becomes a much higher priority.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles