What Is It?
Containerisation is a mechanism for running lightweight system images, known as containers, on a host. These containers contain a small, cut down, operating system and contain only the relevant packages for their usage such as hosting a web application for example. Containerisation works on a microservice basis, where elements of a service are split out to assist with rapid development and prioritised management. These containers can be hosted on an individual basis, such as in Docker for example, or in an orchestration platform such as Kubernetes for example. It should be noted that containerisation is different to conventional virtualisation as containers use separate processes from a single host kernel versus virtualisation which has an underlying operating system that provides a hypervisor.
Why Assess It?
There are many reasons to conduct a containerisation security assessment, five of which are below.
The Agility Cyber Approach
Like all our engagements, we want you to get the most out of your containerisation security assessment and we do this by: