![Helping Non-Security Stakeholders Understand ATT&CK in 10 Minutes or Less [VIDEO]](https://assets.crowdstrike.com/is/image/crowdstrikeinc/video-ATTCK2-1)
![Qatar’s Commercial Bank Chooses CrowdStrike Falcon®: A Partnership Based on Trust [VIDEO]](https://assets.crowdstrike.com/is/image/crowdstrikeinc/Edward-Gonam-Qatar-Blog2-1)
![Endpoint Protection and Threat Intelligence: The Way Forward [VIDEO]](https://assets.crowdstrike.com/is/image/crowdstrikeinc/GK-Blog_Images-1)
Between the growth of cloud-native applications and the demands of faster application delivery, the use of containers is widely predicted to continue to increase. In fact, a recent study conducted by Enterprise Strategy Group (ESG) for CrowdStrike, “The Maturation of Cloud-native Security: Securing Modern Apps and Infrastructure,” found that container adoption has grown 70% over the last two years, and there is projected to be a 50% increase in cloud-resident workloads over the next 24 months. This increase is also driving the need for container security and orchestration solutions. Like any other technology deployed in production environments, containers have to be properly configured, provisioned, secured and monitored. That last piece — monitoring — is vital. Many containers are short-lived, and the sheer number of them creates challenges around visibility. Obtaining visibility is also complicated due to the scope of the DevOps environment and a lack of integration between disparate tools. To properly enable the use of containers, organizations need to be able to extend security from the base images being used all the way to production.
A False Sense of Safety
Containers do not magically make everything secure — yet organizations often act as though they do. It is not uncommon, for example, for images to run with root privileges — which in many cases is likely a violation of the principle of least privilege. Then there is the fact that developers often utilize code from third-party libraries. Not all of this code, unfortunately, is secure. For example, in April 2020, Microsoft reported that Azure Security Center had uncovered of a widespread cryptocurrency mining attack against Kubernetes clusters caused by containers running an image laced with
XMRig, a very popular open-source Monero miner. Older images may contain vulnerabilities that can be exploited by attackers. If one container is compromised, it can serve as a gateway to a deeper compromise into the environment. While immutability provides benefits for automation and deployment, it also makes it vital to catch vulnerabilities early in the CI/CD process. Attempting to bolt on security later will only cause organizations to miss vulnerabilities that could have been caught prior to the containers being deployed.
A New Way Is Needed
To avoid becoming a roadblock, security must keep pace with innovation. In the DevOps world, that means applying the security controls and processes needed without slowing down the speed of application delivery. This reality has resulted in a shift-left approach to security and also forced security teams to get up-to-speed.
Part of the challenge is that traditional security solutions and processes don’t typically work well in DevOps environments where automation and speed are critical. Manual security processes cannot keep up with the rapid change needed to protect containers, and traditional tools lack the visibility into those containers that organizations need. Using disparate, siloed tools will not be effective either, as the poor integration just serves to add more complexity.
Embrace Containerization — But Do It Securely
Even with the challenges, businesses should not shy away from containers. With the right solution, organizations can weave security into their DevOps environment and CI/CD pipeline to secure containers from the development phase to the end of their lifecycle. To learn more about how CrowdStrike can help you protect containerized environments, and enable DevOps teams to deploy applications with greater speed and efficiency, visit crowdstrike.com.
Additional Resources
- Learn about CrowdStrike’s powerful cloud security solutions by visiting the web page.
- Learn more about comprehensive breach defense and container security with Falcon Cloud Workload Protection.
- Learn how CrowdStrike makes cloud security posture management simple —
visit the Falcon Horizon™ product webpage. - Test CrowdStrike next-gen AV for yourself. Start your free trial of Falcon Prevent™ today.
