TALKING
‘‘ business
During the past year , increased demand for cloud services has caused many IT and security teams to accelerate their cloud migrations . As teams work through the initial liftand-shift phases – where existing server workloads and operations are moved to the cloud – they quickly find the need to adopt more efficient and secure application delivery strategies that leverage DevOps methodologies , serverless frameworks and containers technologies .
Move faster with Sophos Container Security
To move fast and stay secure , every organisation needs visibility of its cloud security posture . This ensures that security remains the enabler for cloud transformation .
With Cloud Optix , Sophos makes advanced Cloud Security Posture Management available to businesses of all sizes and cloud maturity levels .
We ’ ve now enhanced the service to include container image scanning :
• Cloud Optix provides visibility of container assets across multi-cloud environments
• Vulnerability scanning identifies exploitable operating system vulnerabilities in container images
• Fixes for insecure container images are automatically identified
What are containers ?
Containers are a lightweight and portable way to build , test and deploy applications in the cloud . They make it easy for development teams to put new versions of software live quickly .
This is largely helped by way of off-the-shelf public registry container images available to fast-track development work .
Compared to virtual machines ( VMs ), containers do not run a complete operating system ; this is what makes them so lightweight and portable . All the files needed to run the container are provided from the container image , allowing a single container to be used to run anything from a software process to a larger application .
A rise in the use of Kubernetes and Docker services – and increased adoption of DevOps methodologies – have all contributed to this popularity .
Containers are mainstream
According to 451 Research , 95 % of all new applications are now using containers . And along with increased container use , attackers have been busy exploiting vulnerabilities .
There have been many incidents of container security breaches , including elevation of privileges and allowing malware to be installed .
As noted , developers utilise off-the-shelf images from public registries as a base for application development – and such images can contain security vulnerabilities .
According to recent research at least 11 % percent of open-source components consumed by developers have at least one known vulnerability .
Organisations need to be aware of the risks and identify vulnerabilities before applications are released to production or live environments , where attackers can exploit these inherent weaknesses .
Rich Beckett , Public Cloud Senior Product Marketing Manager , Sophos
There have been many incidents of container security breaches , including elevation of privileges and allowing malware to be installed .
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 37