
GigaOm Radar for Container Security v2.02

Table of Contents

  1. Summary
  2. Market Categories and Deployment Types
  3. Key Criteria Comparison
  4. GigaOm Radar
  5. Vendor Insights
  6. Analyst’s Take

1. Summary

The infrastructure surrounding containers is complex on many levels. Registries hold container images ranging from base images to complete application images. Container orchestrators hold container instances, communications information, and the role-based access control (RBAC) information required to run containers in a given environment. Container definitions themselves hold instructions to apply a variety of software, some more trusted than others.

Each of these items contains multiple potential attack vectors. Some of them, like base images, are also a haven for crypto-miners and other attackers who require a large number of machines or a lot of processing power.

The average enterprise does not have the time or the resources to secure all of these items, and the typical IT worker avoids tampering with the configuration of all but a specific finalized container definition. This approach is natural, as orchestrators and registries have hundreds of configuration options that can impact security. While orchestrators are the most complex and present the largest number of configuration issues, registries and images are also full of configuration options that can create security problems if set incorrectly.

Add to the configuration issues the fact that attackers can now insert sophisticated malware into images that are shared on public repositories, and it becomes apparent that containers represent a large and growing risk to an organization.

Tools in the container security market attempt to safeguard those large and specialized attack surfaces with a variety of protections that work from the point a base image is first selected to the time an application or instance is running on the corporate network. While normally containers are only marginally associated with the software development lifecycle (SDLC), container security spans the entire SDLC because base images are selected and can be scanned at design time, additions are scanned during development, and runtime monitoring and protection are also part of container security products.

This GigaOm Radar report highlights key container security vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Container Security Solutions,” we describe in more detail the capabilities and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.