Back to glossary

Container Security

The practice of protecting containerized applications and their underlying infrastructure throughout the entire lifecycle.

Categorysecurity

Overview

Container security involves securing the container images, the container runtime (e.g., Docker), the orchestration platform (e.g., Kubernetes), and the host operating system. It requires a 'shift left' approach, starting from the build phase.

Key Areas of Focus

  • Image Scanning: Checking container images for vulnerabilities and malware before deployment.
  • Runtime Protection: Monitoring running containers for suspicious activity or unauthorized changes.
  • Network Security: Implementing micro-segmentation to restrict communication between containers.
  • Access Control: Using RBAC to limit who can manage and access containers.
  • Host Hardening: Securing the underlying OS that runs the container engine.

Importance

As organizations move to microservices and cloud-native architectures, container security is essential for protecting highly dynamic and distributed environments.

Related Terms

Kubernetes Security