Remember when we thought containers were the answer to infrastructure vulnerabilities?
Slimmed-down images, ephemeral infrastructure, easily updated, code-defined configurations? While DevOps adopted the tech and ran with it, Infosec fell behind.
The same problems we had with physical servers still exist in the container world.
Insecure libraries, overly permissive privileges, out-of-date operating systems. What's old is new again.
The difference is that we can turn the tide more easily this time. The advantages of containers still exist; we just don't take advantage of them. We need to work collaboratively with Dev and Ops on how base images are selected, how orchestration is secured, and how we identify and remediate vulnerabilities in our images. We need to be active participants: neither hands-off nor dictators.
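As an added example (not code from the original post), here is a small Python policy check that flags the three container-image problems named above in a Dockerfile: a floating base image (stale OS), unpinned libraries, and a process that runs as root. The two sample Dockerfiles and the digest value are constructed placeholders, not real images.

```python
# Constructed sample Dockerfile (not from the original post) exhibiting the
# three problems the text names: stale base OS, unpinned libraries, root user.
WEAK_DOCKERFILE = """\
FROM python:latest
RUN pip install flask requests
COPY app.py /app/app.py
CMD ["python", "/app/app.py"]
"""

# The same image with each finding addressed. The digest is a placeholder;
# a real one comes from the registry when the base image is pulled.
HARDENED_DOCKERFILE = """\
FROM python:3.12-slim@sha256:0000000000000000000000000000000000000000000000000000000000000000
RUN pip install flask==3.0.3 requests==2.32.3
COPY app.py /app/app.py
RUN useradd --system --no-create-home app
USER app
CMD ["python", "/app/app.py"]
"""


def audit_dockerfile(text: str) -> list[str]:
    """Return policy findings for a Dockerfile; an empty list means it passes."""
    findings = []
    has_user = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        instr, _, args = line.partition(" ")
        instr = instr.upper()
        if instr == "FROM":
            image = args.split()[0]             # drop any "AS builder" alias
            if "@sha256:" not in image:         # digest pin is the strong form
                name = image.split("/")[-1]     # ignore registry:port prefixes
                tag = name.split(":", 1)[1] if ":" in name else None
                if tag is None or tag == "latest":
                    findings.append(f"FROM {image}: base image floats (no tag or :latest); pin a tag or digest")
        elif instr == "RUN" and "pip install" in args:
            pkgs = args.split("pip install", 1)[1].split()
            loose = [p for p in pkgs if not p.startswith("-") and "==" not in p]
            if loose:
                findings.append(f"pip install without version pins: {', '.join(loose)}")
        elif instr == "USER":
            has_user = args.strip() not in ("root", "0")
    if not has_user:
        findings.append("no USER instruction: container process runs as root")
    return findings
```

Run it in CI against every Dockerfile so a floating base image or a root process is caught before the image is built, not after it is deployed.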
Check out some good practices around container security, and feel free to ask questions.