Posts under Docker Security
What happened?
In an email to customers, Kent Lamb, Director of Docker Support, wrote “During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as Github and Bitbucket tokens for Docker autobuilds.” As a result of this breach, it’s possible that images in your Docker Hub repository may have been tampered with or overwritten.
A vulnerability in runC that allows an attacker to break out of a running container and gain code execution on the host was discovered and reported by Adam Iwaniuk and Borys Poplawski in early January and published as CVE-2019-5736 on 11 February 2019. This vulnerability is highly significant in that it: enables a container isolation breakout with minimal interaction from an authorized host user; typically gives the attacker root privileges on the host; affects most container environments, because many containers run with default Docker security settings and the default user (UID 0); and affects runC, the most widely used low-level container runtime in Docker and Kubernetes environments.
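The paragraph above names the two conditions that made most environments exposed to this bug: containers whose main process runs as UID 0, and containers left on default (or loosened) Docker security settings. The following audit script is an added example, not code from the original post or from the runC or Docker projects. It reads the JSON that `docker inspect` emits for running containers and reports those risk factors per container; the sample records embedded below are constructed, not captured from a real host, and the `userns_remap` flag is an assumption the caller supplies about whether the daemon was started with `userns-remap` (Docker does not record the daemon-wide setting in per-container inspect output).

```python
"""Audit `docker inspect` output for the risk factors behind CVE-2019-5736:
containers running as UID 0 without user-namespace remapping, and containers
whose default seccomp/AppArmor confinement has been removed.

Added example; not code from the original post, runC, or Docker.
"""
import json

# Constructed sample shaped like `docker inspect $(docker ps -q)` output.
# Only the fields this audit reads are included.
SAMPLE_INSPECT = json.dumps([
    {   # image sets no USER, so Config.User is empty: runs as root
        "Id": "a1b2c3", "Name": "/web",
        "Config": {"User": "", "Image": "example.com/web:1.0"},
        "HostConfig": {"Privileged": False, "SecurityOpt": None,
                       "UsernsMode": "", "CapAdd": None},
    },
    {   # explicit non-root user, default confinement
        "Id": "d4e5f6", "Name": "/api",
        "Config": {"User": "1000:1000", "Image": "example.com/api:2.3"},
        "HostConfig": {"Privileged": False, "SecurityOpt": ["no-new-privileges"],
                       "UsernsMode": "", "CapAdd": None},
    },
    {   # root, --privileged, seccomp disabled, extra capability
        "Id": "0f9e8d", "Name": "/agent",
        "Config": {"User": "root", "Image": "example.com/agent:latest"},
        "HostConfig": {"Privileged": True, "SecurityOpt": ["seccomp=unconfined"],
                       "UsernsMode": "", "CapAdd": ["SYS_ADMIN"]},
    },
    {   # root but otherwise default; mitigated only if the daemon remaps users
        "Id": "1122aa", "Name": "/worker",
        "Config": {"User": "0", "Image": "example.com/worker:1.0"},
        "HostConfig": {"Privileged": False, "SecurityOpt": None,
                       "UsernsMode": "", "CapAdd": None},
    },
])


def runs_as_root(user):
    """True when the container's main process runs as UID 0.

    Docker leaves Config.User empty when the image sets no USER, which means
    root. "0", "root", "0:0" and "root:root" are all root as well.
    """
    if not user:
        return True
    return user.split(":", 1)[0] in ("0", "root")


def audit_container(record, userns_remap=False):
    """Return the list of risk-factor strings for one inspect record.

    userns_remap: caller-supplied assumption that the daemon runs with
    userns-remap, in which case every container is remapped unless it was
    started with --userns=host (HostConfig.UsernsMode == "host").
    """
    config = record.get("Config", {})
    host = record.get("HostConfig", {})
    findings = []
    remapped = userns_remap and host.get("UsernsMode") != "host"
    if runs_as_root(config.get("User")) and not remapped:
        findings.append("root-in-container: main process is UID 0 and not remapped "
                        "by a user namespace")
    if host.get("Privileged"):
        findings.append("privileged: all capabilities, no seccomp/AppArmor confinement")
    for opt in host.get("SecurityOpt") or []:
        if opt.endswith("unconfined"):
            findings.append(f"security-opt: {opt} disables a default profile")
    for cap in host.get("CapAdd") or []:
        findings.append(f"cap-add: {cap}")
    return findings


def audit_containers(inspect_json, userns_remap=False):
    """Map container name -> findings for every record in `docker inspect` JSON.

    Clean containers are kept with an empty list so callers can tell
    "audited and clean" from "not present".
    """
    return {rec["Name"].lstrip("/"): audit_container(rec, userns_remap)
            for rec in json.loads(inspect_json)}


if __name__ == "__main__":
    # Usage on a real host: docker inspect $(docker ps -q) | python3 audit.py
    for name, findings in audit_containers(SAMPLE_INSPECT).items():
        print(f"{name:8} {'OK' if not findings else 'EXPOSED'}")
        for finding in findings:
            print(f"    - {finding}")
```

A container with no findings is not proof the host is safe; patching runC is the fix, and the audit only shows which workloads would have handed an attacker host root had the patch been missing.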
This week StackRox launched the industry’s first ever State of Container Security report. To compile the findings, we surveyed more than 230 IT leaders across operations and security roles. Some responses came as no surprise – the dominance of Docker and Kubernetes, for example, or the breadth of industries using containers to accelerate application roll out. But many results did surprise us – including the extent to which security leads the list of concerns about companies’ container strategies.
Today we posted the news that we’ve adopted StackRox to secure our environment. I wanted to share a bit about our thought process and results in hopes of helping others like us. Security is difficult to manage at every level of technology development, from building a simple web app to running enormous platforms like the tech giants manage — recent tech headlines just prove this point. Like other early-stage SaaS startups, we here at Mux face the combined challenges of having limited resources, a relatively large technology footprint, and the obvious focus on building strong product features.
There has never been a better time to be a DevOps engineer. Compared to traditional web stacks, containerization has dramatically streamlined the task of deploying web services such as databases, key/value stores, and servers. Furthermore, container orchestration tools, like Google’s Kubernetes and Docker Swarm, enable organizations to automate the deployment and management of these containerized applications. But the tools that make life easier and more efficient for engineers can also be a gift to an attacker.
This is a guest blog by Rob Fry, an accomplished architect, inventor and public speaker with 20 years’ experience primarily in large-scale Internet companies and the utility industry. At Netflix he invented FIDO, a patented open source security orchestration platform, and while at Yahoo created the DUBS configuration and automation framework for production servers. Over the past two decades, we’ve seen adoption of new technologies reshaping the landscape of how we operate and secure our businesses.
In the seventh video in our demo series, we’ll take a look at StackRox reports. StackRox gives you summary reports for any period of time to help you get a sense of the risk in your environment. In this video, you can see how we provide a number of preset reports, including an overview summary, alerts by severity, top attacks, policy violations, infected applications and services, top vulnerable services and images, and external infection sources.
Today we are excited to announce a new partnership with Google Cloud Platform (GCP) to jointly deliver end-to-end security across the cloud-native stack for any enterprise. Together, StackRox and Google will accelerate customers’ adoption of secure, containerized application architectures. No company knows more about containers than Google. They have run containers in production for over a decade, and pioneered an ambitious new approach to enterprise computing at scale. Google originated Kubernetes and continues to be its largest contributor in every release, even after more than 58,000 commits.
Four and a half years since it was first introduced, Docker continues to have a profound impact on reshaping how developers build, ship, and run software applications. Few could have anticipated the speed of Docker adoption that we have observed to date with more than 21 million hosts now running Docker, over 24 billion Docker container downloads, and a vibrant ecosystem of 100,000+ third-party projects that incorporate Docker. As the de facto standard for the container runtime and image format, Docker has democratized the ability for anyone to take advantage of container technologies that could previously only be utilized by a handful of the world’s largest, cloud-native companies.
Here is the fifth video in our demo series of the StackRox platform. In this demo, see how you can manage policies for your highly distributed or containerized environments. You can use our preloaded policies or create new ones, so that StackRox automatically detects attacks and builds better security hygiene into your infrastructure in development and production.
In this fourth video of our demo series, I show how our solution gives responders the capabilities to hunt for threats in their environments by looking for malicious indicators. In this video, see how StackRox tracks suspicious events over time and surfaces them if they are used in malicious activity.
The Red Hat OpenShift platform is enabling enterprise organizations to use container technologies such as Docker and Kubernetes to build, deploy, and run applications with unprecedented agility, scale, and speed. In this blog post, I’ll walk through how we’ve integrated StackRox with OpenShift to help our joint customers ensure comprehensive security across their container lifecycle. You can also visit the OpenShift Commons to view a recording of my briefing on this topic from last week, which goes into more details, and provides a live demo of StackRox running with OpenShift.
Here is the third video in our demo series, focusing on search and asset discovery. Watch the video below to learn about StackRox search and enumeration capabilities. See how we leverage data optimization and machine learning to translate millions of signals into queryable infrastructure data for your security analyst.
DockerCon EU 2017 Recap: Security, Kubernetes, and MTA
Hej from Copenhagen! I’ve had the privilege of spending the last few days here at an incredible DockerCon EU. With thousands of attendees from hundreds of companies converging on the City of Spires, it’s clear that the Docker community is thriving across the world. Here are some of the highlights we saw this week.
Docker Continues to Grow by Leaps & Bounds
At his morning keynote, Steve Singh, CEO of Docker, highlighted the state of the Docker ecosystem, with 21 million hosts running Docker and more than 24 billion (!
In this new blog post by Crate.io, read about how they are using StackRox to secure CrateDB Clusters on Docker. StackRox complements the authentication, access controls, and encryption added in Crate 2.0 Enterprise Edition with comprehensive threat coverage for well-known attack vectors on containerized database applications. The post discusses why security is important for a database like CrateDB, and how to use StackRox to protect your data – walking you through the deployment process.
We’re pleased to present the second video in our demo series. Watch the video below to learn about StackRox alert stories, helping security analysts examine events and data required for enforcement and responsive action. We’ll take a look at how StackRox focuses on techniques all attackers require to move and take action in an environment.