Automated Container Security

Container Technologies is considered as one of the most uprising technologies in the computing paradigm. The container market is expected to reach globally $ 2.7 billion in 2020, up from $ 762 million in 2016. It also forecasts that one of the five of the organization is going to deploy container-based facilities to boost up their productivity. This fast transition towards the container services has drawn a significant focus on its security. According to the Portwax Survey result, 61% developers ranked security as the top-most challenge for adoption of container technologies. From a cyber security perspective, the success in the adoption to the container-based solution mostly depends on its security assurance. In many cases, developers are facing problems for security issues due to the difficulties involved in explaining the behaviours of container services, management inconsistencies, firewall rule permissions, security design analysis and security testing. In addition, Amazon Web Services reported in a survey that 83% developers are not taking basic security measures while using container technologies. Hence, security automation will play a vital role in this scenario as it will help the organizations to avoid the security issues. By using automation, container environments can address potential attacks and stay ahead of security-risks. Furthermore, container-based services are regularly progressing with additional features and service modifications. Therefore, it is essential to design a software-based platform which can support automation of the security of container-based solutions.

Researchers at CREST leverage various artificial intelligence approaches to develop tools and techniques to better understand the developers’ viewpoint on security while adopting container technologies in industry. We study a large volume of container-related data in open source software repositories (GitHub), Question/Answering Platforms (Stack Overflow, Docker Forum) as well as container image repositories (Docker Hub) to find and analyse the security issues. This research will help container developers and researchers to understand container security requirements and provide a broad view of possible security attacks and risks.