Linux Container Security: Evaluating Security Measures for Linux Containers in DevOps Workflows

Authors

  • Ali Asghar Mehdi Syed, IT Engineer at Illumina Inc., USA
  • Shujat Ali, Sr. IT Engineer at State of Wisconsin, Dept. of Administration, USA

Keywords:

Linux Containers, Security, DevOps, Kubernetes, Docker

Abstract

Linux containers have changed software development and deployment, improving the agility, scalability and efficiency of DevOps practices. By packaging programs together with their dependencies, containers provide consistency across environments, from development to production. Their widespread use, however, has created new security problems. Unlike traditional virtual machines, containers run on the host kernel, which increases their exposure to problems such as supply chain attacks, privilege escalation and container escapes. Insecure environments, outdated images and poorly managed access controls can expose companies to leaks. To address these issues, thorough security practices have to be followed throughout the container lifecycle. Using reliable registries, performing vulnerability analyses and ensuring frequent updates help to protect container images. Least-privilege access, process monitoring, network segmentation and runtime security methods help to reduce lateral movement and unwanted access within clusters. Embedding security at every stage of development, automating compliance checks and routinely enforcing standards all depend on DevSecOps techniques. Kubernetes and other container orchestration technologies bring problems of their own that need specific hardening measures, such as security policy enforcement, role-based access control (RBAC) and the safeguarding of API access. As containerization becomes central, protecting data and applications depends on proactive protection. Robust DevOps systems improve overall system resilience and help to minimize vulnerabilities, thereby reducing the possible points of attack. Incorporating security best practices into containerized systems helps companies maintain security integrity while still benefiting from Linux containers. This paper investigates important security issues in containerized systems and provides a complete evaluation of the strategies for protecting Linux containers within DevOps pipelines.

Published

22-12-2022

How to Cite

[1]
A. A. M. Syed and S. Ali, “Linux Container Security: Evaluating Security Measures for Linux Containers in DevOps Workflows”, American J Auton Syst Robot Eng, vol. 2, pp. 352–375, Dec. 2022, Accessed: Dec. 12, 2025. [Online]. Available: https://ajasre.org/index.php/publication/article/view/54