Ten Layers of Container Security

Containers have broad appeal because they allow users to easily package an application, and all its dependencies, into a single image that can be promoted from development, to test, and to production — without change. Containers make it easy to ensure consistency across environments and multiple deployment targets like physical servers, virtual machines (VMs), and private or public clouds. This helps teams more easily develop and manage the applications that deliver business value.

Enterprises require strong security and anyone running essential services in containers will ask, “Are containers secure?” and “Can we trust containers with our applications?” This paper describes 10 key elements of security for different layers of the container solution stack and different stages of the container life cycle:

1. Container host multitenancy
2. Container content
3. Container registries
4. Building containers
5. Deploying containers
6. Container orchestration
7. Network isolation
8. Storage
9. Application programming interface (API) management
10. Federated clusters