Ben Bernstein, CEO, Twistlock

Author Archives: Ben Bernstein, CEO, Twistlock

Six runtime threat detection and response tips for container security

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. Security for containers has evolved quite substantially over the past year, but there is still a lot of education that needs to be done. The key point being that the biggest difference in this new paradigm is that everything is based on continuously delivered, micro-service based, applications. The fact that the technology enabler for that paradigm is containers is really less of an issue. When it comes to containerized applications, everyone seems to be in agreement - statically analyzing what an application can do inside a container and rejecting non-security compliant images and/or vulnerable images is a must. However, no matter how good a job you do with vulnerability scanning and container hardening, there are unknown bugs and vulnerabilities that may manifest in the runtime and cause intrusions or compromises. That is why it’s so important to outfit your system with real-time threat detection and incident response capabilities.To read this article in full or to leave a comment, please click here

Six runtime threat detection and response tips for container security

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Security for containers has evolved quite substantially over the past year, but there is still a lot of education that needs to be done. The key point being that the biggest difference in this new paradigm is that everything is based on continuously delivered, micro-service based, applications. The fact that the technology enabler for that paradigm is containers is really less of an issue.

When it comes to containerized applications, everyone seems to be in agreement - statically analyzing what an application can do inside a container and rejecting non-security compliant images and/or vulnerable images is a must. However, no matter how good a job you do with vulnerability scanning and container hardening, there are unknown bugs and vulnerabilities that may manifest in the runtime and cause intrusions or compromises. That is why it’s so important to outfit your system with real-time threat detection and incident response capabilities.

To read this article in full or to leave a comment, please click here