Skip to main content
padlock icon - secure page this page is secure

DevOps security improvements through effective use of container technology

The full text article is not available for purchase.

The publisher only permits individual articles to be downloaded by subscribers.

The move toward cloud-native deployments will diminish the use of traditional server-based, hypervisor-driven virtualisation that delivers virtual machines (VM). As a result, the adoption of application-centric, container-based virtualisation will escalate. Containers and VMs are similar in their goals: to isolate an application and its dependencies into a self-contained unit that can run anywhere.1 Since cloud deployments are heavily geared towards agility, optimisation and automation, container-based technologies are riding the wave of rapid adoption, particularly in DevOps-oriented environments. Containers provide great flexibility for DevOps teams to tool up for frictionless service delivery life cycles. This presents an almost unprecedented opportunity to embed security into the software delivery pipeline, rather than graft on security checks, container monitoring and policy for access controls as an afterthought.2 Containers are not without problems, however. From a security perspective, if left unchecked, the technology is susceptible to many issues including supply chain risks and many forms of vulnerabilities originating from poor configuration and operational management. This could result in production environment compromise through targeted cyberattacks. This paper addresses the key activities to achieve hygiene in high-velocity, security-focused DevOps deployments.
No References
No Citations
No Supplementary Data
No Article Media
No Metrics

Keywords: DevOps; DevSecOps; SDLC; container; container security; containerisation; cyber security; docker; hacking; kill chain; micro services; secure development life cycle; service delivery life cycle; virtual machine (VM); virtualisation; vulnerability management; web application security

Document Type: Research Article

Publication date: January 1, 2018

More about this publication?
  • Cyber Security is the major new peer-reviewed journal publishing in-depth articles and case studies written by and for cyber security professionals. It will showcase the latest thinking and best practices in cyber security, cyber resilience, cyber crime and cyber warfare, drawing on practical experience in national critical infrastructure, government, corporate, finance, military and not-for-profit sectors.
  • Editorial Board
  • Information for Authors
  • Subscribe to this Title
  • Terms & Conditions
  • Ingenta Connect is not responsible for the content or availability of external websites
  • Access Key
  • Free content
  • Partial Free content
  • New content
  • Open access content
  • Partial Open access content
  • Subscribed content
  • Partial Subscribed content
  • Free trial content
UA-1313315-29
Cookie Policy
X
Cookie Policy
Ingenta Connect website makes use of cookies so as to keep track of data that you have filled in. I am Happy with this Find out more