Educause Security Discussion mailing list archives
Re: Container Security
From: Jason Borinski <jason.borinski () DEXCOM COM>
Date: Tue, 4 Jun 2019 19:34:10 +0000
Thanks, Kevin. Sysdig was on our list but I'm bumping it up based on your feedback. I'll connect with you further. Thank you From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Cleary, Kevin Sent: Tuesday, June 4, 2019 6:12 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Container Security Hi Jason, Another tool to potentially consider would be Sysdig - https://sysdig.com/<https://sysdig.com/> . At UB, we're running a OpenShift on-prem. So we needed something that could provide a depth of visibility across the many layers of keub/docker/OS software stack. We did also consider Aqua. -- Kevin Cleary Manager, Systems Software CIT Enterprise Infrastructure Services University at Buffalo 305 Computing Center Buffalo NY 14260-1407 Phone: 716-645-4767 From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Jason Borinski Sent: Monday, June 3, 2019 9:11 PM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Container Security Hi all, I'm looking for input from this group on how you are handling container security. Are you primarily relying on native container platform features, open source or commercial third party tools? We're ramping up our use of Google Kubernetes Engine (GKE) and are both assessing it's native security features while also considering third party tools to augment capabilities, particularly around detection/response. On the plus side GKE seems to have cluster/node security covered. Google also offers a number of native add-on services such as Container Analysis<https://cloud.google.com/container-registry/docs/container-analysis> (image scanner, still in beta), Cloud Security Scanner<https://cloud.google.com/security-scanner/> (light weight web app scanner), and Event Threat Detection<https://cloud.google.com/event-threat-detection/> which shows promise but has recently been put on hold. There is a WAF in alpha for Cloud Armor<https://cloud.google.com/armor>. Cloud Security Command Center<https://cloud.google.com/security-command-center/> shows promise but has so far been underwhelming. These add-ons seem to be low in maturity and lacking threat detection and response capabilities. So evidently NGFW/IPS is out of fashion and kludgy for container security, so we're exploring cloud-native security architectures. Also looking at third party products - does anyone have any experience with tools like Twistlock, Aqua, Stackrox, or Trend Deep Security? If so would appreciate your recommendations or lessons learned. Thank you, Jason Jason Borinski Senior Manager Information Security | Dexcom 6350 Sequence Drive, San Diego, CA 92121 858-203-6178 | jason.borinski () dexcom com<mailto:jason.borinski () dexcom com>
Current thread:
- Container Security Jason Borinski (Jun 03)
- Re: Container Security Cleary, Kevin (Jun 04)
- Re: Container Security Jason Borinski (Jun 04)
- Re: Container Security Cleary, Kevin (Jun 04)