Controls

Five Easy Steps to Keep on Your Organization’s DevOps Security Checklist

F5's Lori MacVittie writes for Tripwire, Inc., sharing five easy steps you can take to help improve security without sacrificing speed.
March 27, 2019
1 min. read

The discovery of a significant container-based (runc) exploit sent shudders across the Internet. Exploitation of CVE-2019-5736 can be achieved with “minimal user interaction” it subsequently allows attackers to gain root-level code execution on the host.

Scary, to be sure. Scarier, however, is that the minimal user interaction was made easier by failure to follow a single, simple rule: lock the door. Studies have shown an increasing number of publicly accessible, containerized environments that require no credentials. That means anyone – maybe you, maybe me – could gain control and deploy the appropriate malicious container required to gain root-level access.

Read the full article published March 5, 2019 here: https://www.tripwire.com/state-of-security/devops/devops-security-checklist/ by Tripwire, Inc.

Join the Discussion
Authors & Contributors
Lori Mac Vittie (Author)
Prinicipal Technical Evangelist

More from Learning Center

What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
article 13 min. read
What Is Access Control?
What Is Access Control?
article 15 min. read
What is Multi-Cloud and How Does It Affect Security?
What is Multi-Cloud and How Does It Affect Security?
article 13 min. read