CA Southern Africa unmasks container security

Issue 8 2022 IT infrastructure, Cyber Security

Craig De Lucchi.

Container security is a fairly new technology, especially when viewed in the context of the speed-of-light technology changes in the 4th industrial revolution (4IR). Container technology itself is a topic that many security practitioners continue to find confusing, but its use is spreading fast, says Craig De Lucchi, account director, CA Southern Africa.

“Let’s unpack what does containerisation mean? While definitions differ, but only slightly in the wording, all come down to the same conclusion and that is that containerisation is a form of operating system (OS) virtualisation where applications that use a shared OS run in isolated user spaces, called containers. Software containers are lightweight, standalone, executable packages of software that include everything required to run them. Containers include code, runtime, settings, system libraries and tools and can be used with both Linux and Windows-based applications. By isolating software from its surroundings, software containers enable code to run consistently, regardless of the environment in which it is operating. In short, an application container is a fully packaged and portable computing environment.”

De Lucchi confirms adoption of software containers has risen dramatically as more organisations realise the benefits of this virtualised technology, however, despite the inherent value they add, software containers also bring significant risks. Lack of visibility into containers means security teams are often unable to discern whether there are issues within the code. Moreover, containers are rarely scanned for vulnerabilities before or after being deployed to production.

How to secure a software container

Let’s talk to the developers in a world where security skills are no longer optional for them. There are several steps that developers can take to help secure software containers. These include enforcing the use of trusted container image repositories, eliminating image clutter by continuously monitoring what’s inside containers, and using secrets management tools to protect sensitive data. Scanning software containers for vulnerabilities is also critical.

The Gartner Security & Risk Management Summit 2022 provided a number of recommendations and added clarity by segmenting container security into three sections:

• Securing container images.

• Securing the orchestration plane.

• Securing containers at runtime.

“So, in a business landscape constantly under threat from cyberattack vectors, the real issue to focus on is security. The upside of the coin is that while the security implications appear increasingly intense, it must be noted that solutions are evolving just as fast,” concludes De Lucchi.

For more information, contact CA Southern Africa, +27 11 417 8594, [email protected],


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Five IT trends to watch in 2023
IT infrastructure
The efforts made by South African companies in 2021 and 2022 have positioned them well for the next wave of growth and innovation — or for continued economic disruption.

Boost enterprise data resilience
Arcserve Southern Africa IT infrastructure
Arcserve Unified Data Protection 9.0 offers unified, multi-tenant cloud-based management, enhanced data availability, durability, and scalability with Cloud Object Storage, and expanded support for Oracle DB and Microsoft SQL Server.

What to do in the face of growing ransomware attacks
Technews Publishing Cyber Security Security Services & Risk Management
Ransomware attacks are proliferating, with attackers becoming more sophisticated and aggressive, and often hitting the same victims more than once, in more than one way.

Texecom launches the Midnight Black Collection
Technews Publishing Perimeter Security, Alarms & Intruder Detection Products
Working in harmony with darker environments, the Midnight Black Collection has been created for businesses and sites that require or prefer a security solution which offers discreet protection that compliments their surroundings.

SAN market set for growth
Technews Publishing News IT infrastructure
Storage-area network (SAN) market to hit US$ 26,86 billion in revenue by the end of 2029 due to factors like widespread adoption of Hybrid SAN-NAS solutions.

Optimising remote technical support
Technews Publishing Asset Management, EAS, RFID Products
Sanden Intercool Kenya improves efficiency, removes manual processes with FIELDForce from MACmobile, making its technical backup and support staff more productive, while also optimising record keeping.

Enterprise threats in 2023
News Cyber Security
Large businesses and government structures should prepare for cybercriminals using media to blackmail organisations, reporting alleged data leaks, and purchasing initial access to previously compromised companies on the darknet.

Advanced server performance and energy efficient design
Editor's Choice IT infrastructure Products
Dell PowerEdge server portfolio expansion offers more performance, including up to 2.9x greater AI inferencing while Dell Smart Flow design and Dell Power Manager software advancements deliver greater energy efficiency.

Free-to-use solar score for South African homes
Technews Publishing Editor's Choice
The LookSee Solar Score is one of the first of its kind to provide insight into the potential of solar power for South Africa’s residential properties.

Gallagher to showcase new Controller 7000 single door
Technews Publishing Access Control & Identity Management Products
Gallagher will be showcasing its latest access control innovation, the Controller 7000 Single Door on its stand at Intersec Dubai from 17-19 January 2023.