Containers and microservices complicate cloud-native security

http://www.theserverside.com/feature/Containers-and-microservices-complicate-cloud-native-security?utm_campaign=Black%20Duck%20Press&utm_content=60709505&utm_medium=social&utm_source=facebook

Developing applications with microservices and containers may be a modern approach to software design, but traditional software flaws still remain a problem when addressing cloud-native security.

When you think about microservices-architected, there’s a wide range of, I guess you could say opinions, about what that means. 

In this age of DevOps and cloud-native development, the software stack is more complex than ever, and when code is distrusted across a multitude of microservices and layered upon multiple virtual machines (VMs) and Docker containers, security holes can be difficult to identify. “The complexity of the application is a major challenge to any development staff,” 

Minimally built container can be far more secure than a full-blown VM. Container orchestration tools are making it easier than ever to enforce cloud-native security by rolling out updates to each Docker instance.

1 Comment

  1. Tomi Engdahl says:

    Why serverless computing makes Linux more relevant than ever
    https://www.techrepublic.com/article/why-serverless-computing-makes-linux-more-relevant-than-ever/

    As developers focus more on functions than underlying infrastructure, that infrastructure remains more important than ever before

    Despite the rise of cloud computing, containers, and a zillion other things that superficially seem destined to pulverize the operating system, Linux (and Windows) keep chugging away. In fact, if anything, the OS has become more relevant than ever. How did this happen?

    Everything about the cloud seems like it should be a major downer for the OS. Most recently, serverless computing has gained momentum, with developers increasingly fixated on their application code without much thought to underlying operating systems.

    And yet…even in serverless land the OS remains critical, in large part because no enterprises are 100% invested in any one public cloud, not to mention the reality that all enterprises of any scale have acres of legacy infrastructure sitting around.

    Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

*

*