fbpx

IT Blog

Uncategorized

Security Think Tank: Container security: why so different? – ComputerWeekly.com

Maksim Kabakou – Fotolia
Containerisation has exploded in recent years because it allows for the optimisation of available resources and the minimisation of costs and overhead associated with accomplishing business objectives.
Done well, it is the model for securing the enterprise. In fact, containerisation and microservices architectures are the closest example of breaking down business value into its atomic units with an architecture to support it.
Developments in securing workloads throughout the lifecycle force continuous creative thinking around risk, threat modelling, and protective mechanisms. This has forced architecture and engineering teams to think about delivering business value in its so-called atomic units and has given security teams an advantage in constructing comprehensive threat models and protection mechanisms that cover all phases of the time-to-value lifecycle.
In fact, observability is the only area where we see a great maturity model outside of containers. Blend the two and it creates comprehensive protection, detection and response mechanisms across the enterprise. Businesses that focus their teams on solving container security leverage will help accelerate positive change everywhere else.
With containers, teams now think intuitively about the relationships between different phases of development and value lifecycle, as well as the relationships between resources within each of the phases. Savvy security teams have taken this opportunity to think creatively about risk (threat modelling), and layering in protection and detection natively.
As a result, approaches to container security and the supporting lifecycles represent some of the most mature thinking and applications of security in the industry.
However, the mechanisms we have developed to secure the business through the container lifecycle are applicable across the board. We must leverage our learnings to create comprehensive identification, protection and detection mechanisms across the broader enterprise.
Practical steps to take:
Bernard Brantley is CISO at Corelight, a specialist in network detection response and threat hunting
Big tech companies aren’t the only ones who should worry about repercussions from whistleblowers. CIOs from all industries should…
An open metaverse that mimics how we operate in the real world depends on interoperability. What is interoperability, why is it …
It’s early days for metaverse platforms, especially those geared for the enterprise. Here’s what to know and which platforms to …
Computer forensic investigators require more than software to do their job. Learn what equipment constitutes a complete computer …
For those interesting in becoming a computer forensics investigator, learn about the career and what to expect, as well as why …
This podcast episode discusses threat intelligence vendor SOCRadar’s disclosure of a large Microsoft data leak and the …
The difference between 802.11ac and 802.11ax is significant. The two wireless standards differ notably in features such as AP …
Networking pros are no longer in their own bubbles, even if they prefer it that way. The growth of cloud, security and automation…
Vendors’ network monitoring tools can require complex customization after purchase. New EMA research points to the need for tools…
Data center network optimization can improve business impact and promote long-term equipment health. Look to pilot new equipment,…
Airflow in data centers is crucial for equipment health. While the hot aisle/cold aisle is popular, examine other options like …
File server reporting within File Server Resource Manager can help admins identify problems and then troubleshoot Windows servers…
The startup’s technology aims to help enterprises liberate data from applications where it can be locked so that users can more …
InfluxData updated its InfluxDB Cloud database service with a new engine, new storage and real-time data capabilities, and …
Data quality challenges pose a threat to organizations’ decision-making. Inaccurate, inconsistent, missing and duplicate data …
All Rights Reserved, Copyright 2000 – 2022, TechTarget

Privacy Policy
Cookie Preferences
Do Not Sell My Personal Info

source