Container technologies are growing rapidly as cloud computing becomes a necessity. Containers clearly outweigh the shortcomings for most enterprises and helps them release quality code faster at reduced cost. In this blog, we will look into some of the container security tools available to secure your containers.
Container Security Tools – Docker Native
Docker Bench for Security [Open Source]:
This script checks for common security threats. It also checks for dozens of common best-practices around deploying Docker containers in production. You can get more information about the tool here.
Docker Notary [Open Source]:
Docker Notary helps ensure that a trusted connection has been established between client and server. It allows anyone to have trust over arbitrary collections of data. You can get more information about the tool here.
Anchore
Anchore provides Open Source and Enterprise security solution for containerized environment. It performs analysis and policy evaluation of the containerized environment in public cloud / on-premise. You can find more information about Anchore here.
CoreOS Clair
CoreOS Clair is an open source static analysis / vulnerabilities management tool for application containers. Currently, it supports Docker and Appc. CoreOS Clair is helpful to determine insecure container images and check vulnerabilities in it. You can find more information about the CoreOS clair here.
Aqua Container Security Platform
Aqua Container Security Platform is an automated security platform for the containerized applications. It provides run time protection, auditing, and compliance. You can find more information about Aqua Container Security Platform here.
Twistlock
Twistlock is an end to end solution for the security of containerized environments. It comes up with the Enterprise Edition and Developer Edition. It includes Runtime Defence, Vulnerability Management, CI Integration, Compliance, Access Control and Security Analytics. You can find more information about the Twistlock here.
As more containers get deployed into cloud environments, these free and commercial container security tools can help you secure your workloads. With new vulnerabilities being discovered and new attacks like meltdown and spectre being launched on a regular basis, it’s very important that you harden your Docker/Container stack as part of your CI CD pipeline strategy and stay safe.