
GigaOm Radar for Container Security v1.01

Table of Contents

  1. Summary
  2. Market Categories and Deployment Types
  3. Key Criteria Comparison
  4. GigaOm Radar
  5. Vendor Insights
  6. Analyst’s Take

1. Summary

The infrastructure surrounding containers is complex on many levels. Registries hold container images from base image to complete application image. Container orchestrators hold container instances, communications information, and the role-based access control (RBAC) information required to run containers in a given environment. Even container definitions themselves hold a variety of software.

Each of these items contains multiple potential attack vectors. Some of them, like base images, are also a haven for crypto-miners and other attackers who require a variety of machines or a lot of processing power.

The average enterprise does not have the time or the resources to secure all of these components, and the typical information technology (IT) worker avoids tampering with the configuration of all but a specific finalized container definition. This approach is natural, as orchestrators and registries have hundreds of configuration options that can impact security. While orchestrators are the most complex, and thus present the largest number of configuration issues, registries and images are also full of configuration options that can create security problems if set incorrectly.

Add to the configuration issues the fact that attackers can now insert sophisticated malware into images that are shared on public repositories, and it becomes apparent that containers represent a large and growing risk to an organization.

Tools in the container security market attempt to safeguard those large and specialized attack surfaces with a variety of protections that work from the point in time when a base image is first selected to the period of time when an application or instance is running on the corporate network. While normally containers are only marginally associated with the software development lifecycle (SDLC), container security spans the entire SDLC because base images are selected and can be scanned at design time; additions are scanned during development; and runtime monitoring and protection are also part of container security products.

This GigaOm Radar report highlights key container security vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating Container Security,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.