Container Security in Cloud Environments: A Comprehensive Analysis and Future Directions for DevSecOps
In recent years, the security of containers has become a crucial aspect of modern software applications’ security and integrity. Containers are extensively used due to their lightweight and portable nature, allowing swift and agile deployment across different environments. However, the increasing po...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-12-01
|
| Series: | Engineering Proceedings |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2673-4591/59/1/57 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | In recent years, the security of containers has become a crucial aspect of modern software applications’ security and integrity. Containers are extensively used due to their lightweight and portable nature, allowing swift and agile deployment across different environments. However, the increasing popularity of containers has led to unique security risks, including vulnerabilities in container images, misconfigured containers, and insecure runtime environments. Containers are often built using public repository images and base image vulnerability is inherited by containers. Container images may contain outdated components or services, including system libraries and dependencies and known vulnerabilities from these components can be exploited. Images downloaded from untrusted sources may include malicious code that compromises other containers running in the same network or the host system. Base images may include unnecessary software or services that increase the attack surface and potential vulnerabilities. Several security measures have been implemented to address these risks, such as container image scanning, container orchestration security, and runtime security monitoring. Implementing a solid security policy and updating containers with the latest patches can significantly improve container security. Given the increasing adoption of containers, organizations must prioritize container security to protect their applications and data. This work presents automated, robust security techniques for continuous integration and continuous development pipelines, and the added overhead is empirically analyzed. Then, we nail down specific research and technological problems the DevSecOps community encounters and appropriate initial fixes. Our results will make it possible to make judgments that are enforced when using DevSecOps techniques in enterprise security and cloud-native applications. |
|---|---|
| ISSN: | 2673-4591 |