
An Introduction to Risk Analysis

An Introduction

Far from offering a full training course on ISO 27005, this short post introduces the basics to keep in mind before starting any new security project.

Indeed, contrary to other investments, security does not bring new value to your company's business; instead, it promises to protect the value you already have. As I discussed with students in a recent lecture I gave on the risks of IT outsourcing, when you sign a new outsourcing contract, the External Service Provider (ESP) has, concerning security, an obligation of means rather than an obligation of results. For this reason, key performance indicators for IT security are particularly tricky to define.


The three container security golden rules

As containers have become a standard in IT applications, listing a few security best practices is now a business need. I have therefore defined these three golden rules to keep in mind before pushing a new image to your company's container repository for production.

I. Careful with shared volumes you will be

Contrary to a virtual machine, a Docker container uses the host kernel directly, so in the case of a kernel vulnerability, restricted permissions on shared resources won't protect you from an attacker. For example, the Dirty Cow vulnerability [1] is still used to get root access on stock Android ROMs up to Nougat [2]. I won't make a video on how to exploit this vulnerability, but if you're interested, you can find a very detailed blog post on the Aqua Security blog [3].
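As an added example (not code from the original post), here is a small audit of which host paths containers actually share, assuming the `Mounts` layout that `docker inspect` prints (Type, Source, Destination, RW) and a constructed sample; named volumes are skipped and only host-path bind mounts are judged.

```python
import json

# Constructed sample shaped like the output of `docker inspect <containers>`
# (only the fields this audit reads are included). Not real container data.
SAMPLE_INSPECT = json.dumps([
    {"Name": "/web", "Mounts": [
        {"Type": "bind", "Source": "/var/run/docker.sock",
         "Destination": "/var/run/docker.sock", "RW": True},
        {"Type": "bind", "Source": "/srv/web/static",
         "Destination": "/usr/share/nginx/html", "RW": False},
        {"Type": "bind", "Source": "/home/alice/code",
         "Destination": "/app", "RW": True},
    ]},
    {"Name": "/batch", "Mounts": [
        {"Type": "bind", "Source": "/", "Destination": "/host", "RW": True},
        {"Type": "volume", "Name": "batch-data",
         "Source": "/var/lib/docker/volumes/batch-data/_data",
         "Destination": "/data", "RW": True},
        {"Type": "bind", "Source": "/srv/batch/in",
         "Destination": "/in", "RW": True},
    ]},
])

# Host paths a container should never see, even read-only (assumed policy).
FORBIDDEN = ("/", "/etc", "/boot", "/dev", "/proc", "/sys",
             "/var/run/docker.sock", "/run/docker.sock")

def is_under(path, root):
    """True if `path` equals `root` or lies inside it ("/" matches itself only)."""
    if root == "/":
        return path == "/"
    return path == root or path.startswith(root + "/")

def audit_mounts(inspect_json, allowed_prefixes=("/srv",)):
    """Return (container, host path, reason) for every risky bind mount."""
    findings = []
    for container in json.loads(inspect_json):
        for m in container.get("Mounts", []):
            if m.get("Type") != "bind":
                continue  # engine-managed volumes are not host paths
            src = m["Source"]
            if any(is_under(src, f) for f in FORBIDDEN):
                findings.append((container["Name"], src, "sensitive host path"))
            elif not any(is_under(src, a) for a in allowed_prefixes):
                findings.append((container["Name"], src, "outside allowed prefixes"))
            elif m.get("RW", True):
                findings.append((container["Name"], src, "writable; consider :ro"))
    return findings

if __name__ == "__main__":
    for name, src, reason in audit_mounts(SAMPLE_INSPECT):
        print(f"{name}: {src} -> {reason}")
```

Feeding it the real `docker inspect $(docker ps -q)` output flags containers that share the Docker socket, the host root or a writable path the policy did not allow.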
