DEV Community

Durgesh Shukla

How to Improve Security for your Cloud-Native Application Platforms?

Some concerning data points about container security threats
🚨 61% of the container images used today are sourced from public open-source repositories
🚨 75% of containers in production environments run with high/critical severity vulnerabilities
🚨 76% of container images have containers that run with root privileges
🚨 56% of the images in use have high/critical severity vulnerabilities due to non-OS package dependencies
Source: Sysdig's container security report - https://lnkd.in/gB8f_RU3

Common sources of vulnerabilities and risks
Multiple vulnerabilities and risk sources exist in your cloud platform:
💥 Vulnerable package(s) in the base container image
💥 Third-party libraries and the supply chain
💥 Exposed secrets, malicious files and misconfiguration

5 surefire ways of securing containers
Enterprises that have adopted cloud-native commonly follow these well-established ways to secure containers:
1️⃣ Shift your security left
2️⃣ Scan images in CI/CD pipelines and in registries
3️⃣ Block violating images with K8s admission controller
4️⃣ Focus on runtime security
5️⃣ Prioritize which risks to fix based on the runtime insights you have

Developers drowning in vulnerabilities
Vulnerability overload is real:
⦿ Developers see thousands of issues in their vulnerability reports
⦿ Lack of clarity on where to focus remediation efforts
⦿ Sifting through the noise takes away time from development efforts

Addressing vulnerability overload
✅ Focus on the packages used in running containers
✅ Focus on exploitable vulnerabilities
✅ Use a tool such as Sysdig Secure with a feature like Risk Spotlight enabled (https://lnkd.in/g2KUbRPX), which can leverage runtime insights for your risk prioritization!
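
The prioritization described above, sketched as an added example (not code from this post or from Sysdig): it joins scanner findings with the set of packages observed loaded in running containers and keeps only the in-use, exploitable ones. The `Finding` fields, package names, IDs and versions are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

SEVERITY_RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}

@dataclass(frozen=True)
class Finding:
    vuln_id: str                # constructed placeholder, not a real CVE
    package: str                # hypothetical package name
    severity: str               # one of SEVERITY_RANK's keys
    exploitable: bool           # scanner reports a known exploit
    fix_version: Optional[str]  # None when no fixed release exists yet

def _order(f):
    # Most severe first; among equals, findings with a fix available first.
    return (SEVERITY_RANK[f.severity], f.fix_version is None, f.vuln_id)

def prioritize(findings, in_use_packages):
    """Split findings into (fix_now, backlog) using runtime insight."""
    fix_now, backlog = [], []
    for f in findings:
        # Urgent only if the package is loaded at runtime AND exploitable.
        urgent = f.package in in_use_packages and f.exploitable
        (fix_now if urgent else backlog).append(f)
    return sorted(fix_now, key=_order), sorted(backlog, key=_order)

def noise_reduction(findings, fix_now):
    """Fraction of the scan report that can be deferred."""
    return 1 - len(fix_now) / len(findings) if findings else 0.0

# Constructed scanner output for one image.
FINDINGS = [
    Finding("VULN-0001", "tls-lib", "critical", True, "1.0.1"),
    Finding("VULN-0002", "image-codec", "critical", True, None),
    Finding("VULN-0003", "logging-lib", "high", True, "2.0.0"),
    Finding("VULN-0004", "xml-parser", "high", False, "3.1.0"),
    Finding("VULN-0005", "http-client", "medium", False, None),
    Finding("VULN-0006", "tls-lib", "high", True, None),
]
# Constructed runtime insight: packages seen loaded by running containers.
IN_USE = {"tls-lib", "logging-lib", "xml-parser"}

if __name__ == "__main__":
    fix_now, backlog = prioritize(FINDINGS, IN_USE)
    for f in fix_now:
        print(f.vuln_id, f.package, f.severity, f.fix_version or "no fix yet")
    print(f"deferred: {noise_reduction(FINDINGS, fix_now):.0%} of findings")
```

Note that a critical finding in a package that is never loaded (`image-codec` here) lands in the backlog rather than disappearing, so it is still tracked for the next image rebuild.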

To learn more about improving your container security
⭐️ For Google Cloud watch this webinar - https://lnkd.in/gV2Tuuy9
⭐️ For Microsoft Azure watch this webinar - https://lnkd.in/gUjRcvzu
⭐️ For AWS watch this webinar - https://lnkd.in/gjZTxqh3

#kubernetes #cloudsecurity #aws #azure #gcp #security #containers #containersecurity
