Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Securing the Entire Container Stack, Lifecycle and Pipeline – Part 2

Untitled-design3-17

I recently introduced a three-part series about injecting security hygiene into the container environment. For the first installment, I provided some background information on what containers are and how the container pipeline works. Let’s now discuss how we can incorporate security into the pipeline.

Assessing Images Before Production

To secure the pipeline, the first thing we can do is bring a security assessment tool into the build process.Instead of having your continuous integration tool build your image and immediately push it into a registry, the image should first be pushed into a security tool that can assess that image for vulnerabilities and misconfigurations.

Based on a policy of your organizations choosing, the image should be passed or failed, and only passed images should be pushed into the production-ready image registry.This ensures that security assessments take place at the earliest stages of your container development and that at-risk containers never...(continued)

View All Trending Stories