Most containers are running as root, which increases runtime security risk

2021-01-14 05:30

Among its findings, the report states that while 74 percent of customers are scanning before deployment, still 58 percent of containers are running as root.

There are some containers that should run as root-security and system daemons for example-but this is a small portion of total containers.

While Docker revolutionized containers, organizations are rapidly switching to newer runtimes like containerd and CRI-O. 21% of containers live less than 10 seconds.

The short life of containers reaffirms the need for container-specific tools for security and monitoring.

"With the high-profile breaches we are seeing and the accelerated adoption of containers in production, the container security risk is now on the radar of CISOs. Across millions of containers that we have studied, it's clear that organizations are shifting security left, but they are neglecting critical best practices," said Suresh Vasudevan, CEO of Sysdig.

"Container security has to span the entire software development lifecycle. Until organizations fix risky configurations, protect their runtime environments, and invest in container forensics, we will see an increase in container security breaches. I expect we will see several high-impact breaches before we release our next report."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/svUirmqwhzY/

#root #security