Comment: Latest Docker Container Attack Highlights Remote Networking Flaws

It has been reported that a security flaw that provides a backdoor through which Docker containers can be compromised via unsecured remote connections may require IT teams to revisit their approach to DevSecOps.


EXPERTS COMMENTS
Sergio Loureiro, Cloud Security Director ,  Outpost24
September 02, 2020
Hackers are looking for computing power for crypto mining, and they know DevOps environments tend to be low hanging fruit.
This type of attack will be fueled by widespread usage of containers and AWS. Hackers are looking for computing power for crypto mining, and they know DevOps environments tend to be low hanging fruit. Default configuration, or should I say misconfiguration, such as enabled Docker remote connections are great for DevOps collaboration but as this attack shows it is against basic security best practi ....
[Read More >>]
Tim Mackey, Principal Security Strategist,  Synopsys CyRC
September 02, 2020
Solving these types of problems requires that all teams, from development to operations, play to their strengths.
Containers do not magically make applications more secure than running the same application in a VM. In fact, by enabling a development team to make deployment decisions, such as those related to container base images and image configurations, container development assumes the skills required to properly secure production systems are present within the development team. This can lead to container ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article