Container security is the process of enforcing security measures and policies that ensure everything in your container runs as planned, and only as planned. It involves securing the network, the supply chain, the applications, the runtime, and everything in between.
With this in mind, securing containers is a continuous process. It should be incorporated into the development process, streamlined to reduce the number of manual touchpoints, and applied to the maintenance and operation of the underlying network. It means protecting the container images in your build pipeline as well as the host, server, and framework layers at runtime. Implementing security as part of the continuous delivery life cycle ensures the company mitigates risk and eliminates vulnerabilities across an ever-growing attack surface.
When securing containers, the main concerns are:
• The security of the container host
• Container network traffic
• The security of your application within the container
• Malicious behavior within your application
• Securing your container management stack
• The foundation layers of your application
• The integrity of the build pipeline