Thursday, December 6, 2018

Protect Linux containers running in IaaS with Azure Security Center


These days most of the enterprises are transforming their monolith applications to run mission-critical, containerized cloud-native applications in production. Using Containers, they can achieve multiple advantages, both for developers and IT professionals. Easy and fast to deploy, immutable, and provide fast iteration are some of them. As the number of containers deployed continues to increase, security solutions need to be in place to provide you with visibility into the security state of your containers and help protect them from threats.
Microsoft Azure team is now providing you with several new capabilities to help you secure your containers.

1.     Visibility to the containers hosted on IaaS Linux machines

There is a new tab to display all virtual machines with Docker.

There is additional information that Security Center now provides, when user exploring the security issues of a virtual machine.
E.g.: Information related to the containers on the machine, such as Docker version and the number of images running on the host.



2. Security recommendations based on the CIS benchmark for Docker

By using security center AI technology Security center scans (Reads) user’s Docker configurations and gives you visibility into misconfigurations by providing a list of all failed rules that were assessed and gives quick fixes as well as it helps you to resolve the issues quickly and save time. Security Center continuously assesses the Docker configurations and provides you with their latest state.


3. Real time container threat detection

Real-time threat detection is searching for threats for the containers using Linux machines, AuditD component
The alerts identify several suspicious Docker activities, such as the creation of a privileged container on host, an indication of Secure Shell (SSH) server run inside a Docker container, or the usage of crypto miners. You can use this information to quickly remediate security issues and improve the security of your containers.