Browse Definitions :
Definition

secure container

A secure container is a lightweight, executable software package that has been isolated from other software or processes running on the same virtual or physical host. The purpose of containerization (also known as sandboxing) is to prevent intruders and malicious code from interacting with other applications and data in an unauthorized manner.

For example, in a mobile security context, a secure container might consist of a logical area of an employee's smartphone in which corporate applications and data are isolated from the owner's personal data and apps. This approach to using secure containers in mobile device management (MDM) is also known as dual persona.

Today, security and isolation concerns for containers are a top priority for industry vendors who have split their applications into services and microservices. Strategies for keeping containers secure include reducing the attack surfaces in container images, avoiding the use of public container images and implementing role-based access controls (RBAC) to limit privileges.

Container security strategies seek to limit what a container root user can do outside the container or the host on which the container runs. While most of the best-known techniques in container security restrict attackers' access to hosts and other back-end systems from compromised container instances, experts warn that prevention of unauthorized access to application programming interfaces (APIs) is critical, too.

The market for secure container tools is still emerging and selection and finding the right tool can be difficult, especially when large security and DevOps teams share responsibility for containerized applications. For example, the decision for whether to use Trend Micro or Twistlock may boil down to whether the customer prefers to have container security be a feature set of a more comprehensive security information and event management (SIEM) product or remain a dedicated product that is the sole focus of the security vendor's expertise.

This was last updated in February 2019

Continue Reading About secure container

SearchNetworking
SearchSecurity
  • man in the browser (MitB)

    Man in the browser (MitB) is a security attack where the perpetrator installs a Trojan horse on the victim's computer that is ...

  • Patch Tuesday

    Patch Tuesday is the unofficial name of Microsoft's monthly scheduled release of security fixes for the Windows operating system ...

  • parameter tampering

    Parameter tampering is a type of web-based cyber attack in which certain parameters in a URL are changed without a user's ...

SearchCIO
  • chief procurement officer (CPO)

    The chief procurement officer, or CPO, leads an organization's procurement department and oversees the acquisitions of goods and ...

  • Lean Six Sigma

    Lean Six Sigma is a data-driven approach to improving efficiency, customer satisfaction and profits.

  • change management

    Change management is a systematic approach to dealing with the transition or transformation of an organization's goals, processes...

SearchHRSoftware
SearchCustomerExperience
  • clickstream data (clickstream analytics)

    Clickstream data and clickstream analytics are the processes involved in collecting, analyzing and reporting aggregate data about...

  • neuromarketing

    Neuromarketing is the study of how people's brains respond to advertising and other brand-related messages by scientifically ...

  • contextual marketing

    Contextual marketing is an online marketing strategy model in which people are served with targeted advertising based on their ...

Close