Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

As containers take off, so do security concerns

Maria Korolov | Sept. 18, 2015
Containers offer a quick and easy way to package up applications but security is becoming a real concern

Twistlock provides tools that can add security at multiple points. It can scan a company's repository of containers, it can scan containers just as they are loaded and prevent vulnerable containers from launching.

"For example, if the application inside the container is allowed to run as root, we can say that it's a violation of policy and stop it from running," she said.

Twistlock can monitor whether a container is communicating with known command-and-control hosts and either report it, cut off the communication channel, or shut down the container altogether.

And the company also monitors communications between the container and the underlying Docker infrastructure, to detect applications that are trying to issue privileged commands or otherwise tunnel out of the container.

Market outlook

According to IDC analyst Gary Chen, container technology is still new that most companies are still figuring out what value they offer and how they're going to use them.

"Today, it's not really a big market," he said. "It's still really early in the game. Security is something you need once you start to put containers into operations."

That will change once containers get more widely deployed.

"I wouldn't be surprised if the big guys eventually got into this marketplace," he said.

More than 800 million containers have been downloaded so far by tens of thousands of enterprises, according to Docker.

But it's hard to calculate the dollar value of this market, said Joerg Fritsch, research director for security and risk management at research firm Gartner.

"Docker has not yet found a way to monetize their software," he said, and there are very few other vendors offering services in this space. He estimates the market size to be around $200 million or $300 million, much of it from just a single services vendor, Odin, formerly the service provider part of virtualization company Parallels.

With the exception of Odin, most of the vendors in this space, including Docker itself, are relatively new startups, he said, and there are few commercial management and security tools available for enterprise customers.

"When you buy from startups you always have this business risk, that a startup will change its identity on the way," Firtsch said.

 

Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.