Using containerisation


Guidance on how to build and use containerised applications securely. Containers are a common approach for packaging and deploying applications, standardised by the Open Container Initiative (OCI). By National Cyber Security Centre.

Containerising an application is a great enabler for improving its security, making it easier to both understand and simplify the execution environment and its dependencies. This in turn makes it easier to apply other techniques to improve security.

The article then covers:

  • Terminology
  • Building container images
    • Secure the base image supply chain
    • Minimise the image contents
    • Harden the image configuration
    • Apply security updates effectively
    • Scan images for vulnerabilities and misconfiguration
    • Maintain an image audit trail
  • Running containers
  • Containerisation in the Cloud

Containerisation is used widely in the cloud, both by cloud providers to deliver their services and by the customers of those services. You should expect containerisation to be built on the cloud platform, taking full advantage of other core services. The container ecosystem should integrate well with the rest of the platform, so that it can share the platform’s security benefits. Nice one!


Tags devops web-development app-development containers infosec kubernetes