The National Institute of Standards and Technology Special Publication 800-190 (NIST 800-190) offers a framework for understanding some of the specific challenges related to securing containerized applications, as well as what organizations need to do to improve the application’s security profile.
NIST guidelines are targeted toward U.S. government agencies, as well as government contractors, but any company might want to follow NIST 800-190 guidelines, both to improve overall security and because they can make it easier to meet other compliance frameworks like PCI and HIPAA.
The NIST 800-190 highlights common sources of security vulnerabilities in containerized applications, which include:
- Compromised images
- Misconfigurations in container images
- Untrusted container images
- Poorly managed secrets
- Misconfigured access controls
- OS vulnerabilities
- Unnecessarily large attack surfaces
Just as importantly, the NIST 800-190 stresses the need for organizations to approach security for containerized applications in a different way than they did for traditional applications. Containerized applications have different risk factors than virtual machines and require a different set of security practices.
NIST 800-190 requires organizations to:
- Use purpose-built tools to manage image vulnerabilities throughout the entire image lifecycle, from build through deploy and runtime.
- Ensure that images comply with configuration best practices.
- Protect secrets by storing them outside the image, using Kubernetes to manage secrets, restrict access to secrets to those containers that need them and encrypt secrets at rest and in transit.
- Use a secure connection when pushing or pulling from the registry.
- Ensure that the container always uses the latest image version.
- Segment network traffic, at the very least to isolate sensitive from non-sensitive networks.
- Use Kubernetes to securely introduce nodes and keep an inventory of nodes and their connectivity states.
- Control outbound traffic from containers.
- Ensure continual compliance with container runtime configurations standards such as the CIS benchmarks.
- Use security controls to detect threats and potential intrusions at the container and infrastructure level.
- Use a hardened, container-specific operating system with an attack surface that is as small as possible.
- Prevent host file system tampering by ensuring containers have as few permissions as possible to function as designed.
Even organizations who don’t need to comply with the NIST 800-190 requirements should consider them a useful framework for improving the organization’s security posture. They ensure organizations are thinking about security throughout the build, deploy and runtime phases, addressing the unique security requirements of each stage.
Last updated: May-30-2020