Container Security Assessment

Containers offer an ultra-scalable solution for applications with hard-to-predict capacity requirements. These packaged software units scale horizontally to distribute demand for a queue, an API or some other load-bearing software. While the novelty of containerization has worn off, the practicality and cost savings have not. Organizations recognize the value of elasticity in business-critical applications.

Purpose:

Our container security assessment takes an in-depth look at the security, upgradability, and maintainability of your containers and the services they provide. We ensure that security best practices are being followed in both the container and its Kubernetes cluster. We assess susceptibility to exploitation by walking through each step of Microsoft’s Kubernetes Attack Framework. This provides a holistic view of your container’s security and its potential impacts on the Kubernetes cluster.

Areas of Focus:

  • CI/CD Process Review
  • Scaling Policy Review
  • File Integrity Checks
  • Container Static Image Vulnerability Scanning
  • Container Bloat Review
  • Native Kubernetes Security Measures

Deliverables:

  • Executive summary report outlining current container and Kubernetes security posture.
  • Comprehensive technical report detailing attack methods used and exploitation vectors.
  • Container vulnerability scan report.
  • Container security assessment testing artifacts.
  • Debrief with the development team to discuss remediation recommendations.

Abricto Security helps to validate that the adoption of containerization does not come at the cost of security. We ensure that best practices are being followed in the creation and maintenance phases of your containers. This mitigates the risk of supply-chain attacks, in which attackers prey on the convenience of public repositories. We also validate that your containers themselves are secure by scanning for known software vulnerabilities, vestigial packages and non-critical services.
