CA Southern Africa unmasks container security

Issue 8 2022 Infrastructure, Information Security


Craig De Lucchi.

Container security is a fairly new technology, especially when viewed in the context of the speed-of-light technology changes in the 4th industrial revolution (4IR). Container technology itself is a topic that many security practitioners continue to find confusing, but its use is spreading fast, says Craig De Lucchi, account director, CA Southern Africa.

“Let’s unpack what does containerisation mean? While definitions differ, but only slightly in the wording, all come down to the same conclusion and that is that containerisation is a form of operating system (OS) virtualisation where applications that use a shared OS run in isolated user spaces, called containers. Software containers are lightweight, standalone, executable packages of software that include everything required to run them. Containers include code, runtime, settings, system libraries and tools and can be used with both Linux and Windows-based applications. By isolating software from its surroundings, software containers enable code to run consistently, regardless of the environment in which it is operating. In short, an application container is a fully packaged and portable computing environment.”

De Lucchi confirms adoption of software containers has risen dramatically as more organisations realise the benefits of this virtualised technology, however, despite the inherent value they add, software containers also bring significant risks. Lack of visibility into containers means security teams are often unable to discern whether there are issues within the code. Moreover, containers are rarely scanned for vulnerabilities before or after being deployed to production.

How to secure a software container

Let’s talk to the developers in a world where security skills are no longer optional for them. There are several steps that developers can take to help secure software containers. These include enforcing the use of trusted container image repositories, eliminating image clutter by continuously monitoring what’s inside containers, and using secrets management tools to protect sensitive data. Scanning software containers for vulnerabilities is also critical.

The Gartner Security & Risk Management Summit 2022 provided a number of recommendations and added clarity by segmenting container security into three sections:

• Securing container images.

• Securing the orchestration plane.

• Securing containers at runtime.

“So, in a business landscape constantly under threat from cyberattack vectors, the real issue to focus on is security. The upside of the coin is that while the security implications appear increasingly intense, it must be noted that solutions are evolving just as fast,” concludes De Lucchi.

For more information, contact CA Southern Africa, +27 11 417 8594, Heidi.Ziegelmeier@CAafrica.co.za, www.ca.com/za


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Alarms are smarter than ever
Spectrum Security Products Technews Publishing SMART Security Solutions Arxtech Perimeter Security, Alarms & Intruder Detection
Modern smart alarms are evolving beyond simple sirens and basic alerts. They now include features such as system health checks, remote management, real-time notifications, mobile apps, and multiple communication options.

Read more...
From the editor's desk: The high price of cheap
Technews Publishing News & Events
Bringing fire and safety, along with intrusion and perimeter protection, into the same publication is an interesting exercise. At their core, all these systems exist for one reason: to warn people ...

Read more...
Fire safety in South Africa
Technoswitch Fire Detection & Suppression Technews Publishing SMART Security Solutions Editor's Choice Fire & Safety Security Services & Risk Management
Fire safety is sometimes ignored, sometimes relegated to whatever is cheapest, and sometimes treated with the seriousness it deserves, given that it focuses on protecting life and assets. SMART Security Solutions asked Brett Birch, MD of Technoswitch, for some insights into the realities of fire safety in South Africa.

Read more...
Preventing and suppressing lithium fires
SMART Security Solutions Technews Publishing Editor's Choice Fire & Safety Security Services & Risk Management Smart Home Automation
SMART Security Solutions asked Clyde Becker, director of Pyro Brand, for some insight into the mechanics of lithium-ion battery fire risks, especially thermal runaway, and to define a comprehensive, layered approach to fire detection and suppression.

Read more...
Integrated layers offer dependable security
OPTEX SMART Security Solutions Technews Publishing Perimeter Security, Alarms & Intruder Detection Integrated Solutions
A layered approach to security tightens protection and minimises downtime and operational risk. Moreover, integrating all the parts of a solution and proving they can do the job before spending money are critical.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...
Sophos establishes South African legal entity to strengthen local operations
News & Events Information Security
Global cybersecurity company, Sophos, has announced the formation of its local legal entity, which will support local invoicing, partner enablement, compliance requirements and expanded regional investment.

Read more...
From drone market growth to application-level commercialisation
IoT & Automation Infrastructure
After years of pilot projects and technology validation, the question for the market is shifting from whether drones can fly safely and collect data, to where they can deliver repeatable operational value at scale.

Read more...
AI-enabled NVR for Milestone XProtect
Surveillance Infrastructure Products & Solutions
As surveillance environments continue to grow in scale and complexity, organisations need infrastructure that is easy to deploy, simple to manage, and ready for AI-driven workloads.

Read more...
71% of organisations suffered an identity breach
News & Events Information Security
The State of Identity Security 2026 report from Sophos finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.