New Blog | Protecting Containers: A Primer for Moving from an EDR-based Threat Approach

By Beth Bischoff

 

Many security teams are familiar with an EDR-based approach to security. However, container protection within their cloud ecosystem can seem much more challenging and complex. 

 

Protecting containers requires an understanding of the complete attack surface that containers expose--whether you are running them using an orchestrator like Kubernetes or locally using Docker.

 

In this article, we will describe the attack surface, how it compares and aligns with the security technologies you might already have, and then make the case for a stronger focus on pre-deployment protections, adding to standard EDR post-deployment detections.

 

Let’s start by looking at the container-based CI/CD deployment process that we will use in the article. We will discuss security controls (preferring Cloud Native) that you may need at each phase.

 

Note: This is a simplistic pipeline that you can customize. The idea here is to focus more on the foundational concepts related to container driven development/deployment.

 

Fig. Container driven development and deployment pipeline

 

 

Read the full post here: Protecting Containers: A Primer for Moving from an EDR-based Threat Approach