Word of the Day: secure container

Word of the Day Daily updates on the latest technology terms | February 20, 2019 secure container A secure container is a lightweight, executable software package that has been isolated from other software or processes running on the same virtual or physical host. The purpose of containerization (also known as sandboxing) is to prevent intruders and malicious code from interacting with other applications and data in an unauthorized manner. For example, in a mobile security context, a secure container might consist of a logical area of an employee's smartphone in which corporate applications and data are isolated from the owner's personal data and apps. This approach to using secure containers in mobile device management (MDM) is also known as duel persona.   Today, security and isolation concerns for containers are a top priority for industry vendors who have split their applications into services and microservices. Strategies for keeping containers secure include reducing the attack surfaces in container images, avoiding the use of public container images and implementing role-based access controls (RBAC) to limit privileges.   Container security strategies seek to limit what a container root user can do outside the container or the host on which the container runs. While most of the best-known techniques in container security restrict attackers' access to hosts and other back-end systems from compromised container instances, experts warn that prevention of unauthorized access to application programming interfaces (APIs) is critical, too.   The market for secure container tools is still emerging and selection and finding the right tool can be difficult, especially when large Security and DevOps teams share responsibility for containerized applications. For example, the decision for whether to use Trend Micro or Twistlock may boil down to whether the customer prefers to have container security be a feature set of a more comprehensive security information and event management (SIEM) product or remain a dedicated product that is the sole focus of the security vendor's expertise. Quote of the Day "Virtual machines are like herds of cattle. Containers are more like locusts. They are dense, little, going everywhere, and controlling them becomes much harder." - Loris Degioanni Trending Terms mobile security application sandboxing bring your own device container management software container dual persona   Correction from Monday's Word of the Day: IGP stands for Interior Gateway Protocol, not Internet Gateway Protocol. Learning Center Container security tools pump up the platform As enterprises move to containerized environments, supporting Docker and other formats, container security tools that offer visibility from image creation to runtime execution prove critical for security teams. Kata Containers, gVisor offer more secure container strategies Virtualization provides a tried-and-true way to address container security, but inflexibility can limit the technology's best features. Kata Containers and Google gVisor provide different container approaches that can balance safety with speed and use VMs in different ways. An introduction to containers and orchestration for IT admins Planning to implement container-based workloads in production but not sure where to begin? This introduction to containers includes the basics on Docker, Kubernetes and Mesos, as well as answers to common questions. What are containers, and how do they work? Enterprises evaluating Docker and other container systems need to know: What are containers? How do they differ from VMs? What are the differences between container types? Pros and cons of using secure containers for mobile device security Consumerization of the enterprise presents more risks to sensitive corporate information. It?s important for IT departments to know how and when to use secure container applications to protect that data. Quiz Yourself In Kubernetes, a replication controller scales containers horizontally, ensuring there are more or ________ containers to meet the overall application's computing needs. A. less B. fewer Answer Stay in Touch For feedback about any of our definitions or to suggest a new definition, please contact me at: mrouse@techtarget.com Visit the Word of the Day Archives and catch up on what you've missed! FOLLOW US About This E-Newsletter This e-newsletter is published by the TechTarget network. To unsubscribe from Whatis.com, click here. Please note, this will not affect any other subscriptions you have signed up for. TechTarget, Whatis, 275 Grove Street, Newton, MA 02466. Contact: webmaster@techtarget.com Copyright 2018 TechTarget. All rights reserved.