Posts under Docker
Forensics in the age of containers You’ve seen it countless times in television’s most popular dramas: professional investigators descend on the scene of a crime to meticulously record and analyze every detail and clue before anyone else can disrupt the scene. If the crime appears to be related to other ongoing cases, clues are tacked to the peg board back at headquarters. Only once all the pieces have been assembled do patterns emerge.
Introduction Container technology has radically changed the way that applications are being developed and deployed. Notably, containers dramatically ease dependency management, so shipping new features or code is faster than ever before. While Docker containers and Kubernetes are great for DevOps, they also present new security challenges that both security practitioners and developers must understand and address with diligence. Docker’s team of security experts has built some valuable security features into the Docker platform over the last several years.
WAF the heck do I do to protect against attacks on my container-based web applications? The hackers who want your organization’s valuable data will invariably target your web applications. Despite the steady increase in distributed denial-of-service (DDoS) attacks and ransomware, web application attacks represent the most common cause of data breaches.1 The vast majority of these attacks are executed by botnets, operated by organized crime2. Their goals: stealing credentials, growing the size of the botnet, and, of course, exfiltrating information that can be used for financial gain.