

Containers not only provide a mechanism for packaging code in deployable and manageable units; they are also a downloadable resource that can speed up infrastructure and app configuration, rapidly creating development environments and deploying code to test and production. Several container image libraries are available; Docker Hub is one of the most prominent and widely used. Docker Hub provides official container images that are reviewed and published by the Docker Library Project. Independent software vendors (ISVs) also make use of the Docker Verified Publisher Program, and code signing is available to validate container image publishers. The recent 2022 Sysdig Cloud-Native Threat Report explored the threat of malicious code hiding inside preconfigured and shared container images.

The Sysdig Threat Research Team (TRT) performed an automated analysis of over 250,000 Linux container images available in Docker Hub. The report found 1,777 images that were identified as malicious. The malicious image issues included embedded secrets, proxy avoidance and malicious websites, with cryptomining as the most frequently found issue. SSH and API keys, which can be used by hackers to gain unauthorized access, were also present in images. Is malicious code in container images something new? No. We've seen very similar situations going back to the early days of virtual disk images (VMDKs), which are still in use today. We've had over a decade of experience scanning and validating virtual images, and most of that experience is applicable to making sure we don't use container images with malicious content. But there are differences in today's DevOps-driven, cloud-native world. We must recognize that software, at all layers of the application and infrastructure stack, changes frequently, through new code and updates to existing software, from both third-party sources and internal changes from our own software teams. The velocity of change is rapidly increasing, reducing the benefits of point-in-time vulnerability and malware scanning.
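The embedded-secrets finding above (SSH and API keys left inside image layers) is one of the easier classes to check for on the defender's side, because a pulled image is just a set of tar layers that can be inspected before anything is run. The following is an added example, not code from the Sysdig report or from Docker: it walks one layer tarball, flags files matching a few secret shapes (private-key headers, an AWS-style access key ID, a generic `api_key = ...` assignment) and credential-carrying paths, and runs against a sample layer constructed in memory with obviously fake values. The pattern set and path hints are illustrative assumptions, not a complete rule set.

```python
"""
Scan a container image layer (a tar archive, as produced by `docker save`)
for embedded secrets such as SSH private keys and API-key-shaped strings.
Added defensive example; the sample layer is constructed in memory and is
not taken from any real image.
"""
import io
import re
import tarfile
from typing import Iterator

# Illustrative, deliberately conservative secret shapes (assumed rule set).
SECRET_PATTERNS = {
    "ssh_private_key": re.compile(rb"-----BEGIN (?:RSA |OPENSSH |EC |DSA )?PRIVATE KEY-----"),
    "aws_access_key_id": re.compile(rb"\bAKIA[0-9A-Z]{16}\b"),
    "generic_api_key": re.compile(
        rb"(?i)(?:api[_-]?key|secret)\s*[=:]\s*['\"]?([A-Za-z0-9_\-]{20,})"
    ),
}

# Paths that commonly carry credentials when they leak into images (assumed).
SENSITIVE_PATH_HINTS = (".ssh/", ".aws/credentials", ".npmrc", ".env")

MAX_FILE_BYTES = 1 << 20  # skip large binaries; focus on small text files


def iter_layer_files(layer: bytes) -> Iterator[tuple[str, bytes]]:
    """Yield (path, content) for every regular file in a layer tarball."""
    with tarfile.open(fileobj=io.BytesIO(layer), mode="r:*") as tar:
        for member in tar.getmembers():
            if not member.isfile() or member.size > MAX_FILE_BYTES:
                continue
            fh = tar.extractfile(member)
            if fh is None:
                continue
            yield member.name, fh.read()


def scan_layer(layer: bytes) -> list[dict]:
    """Return one finding per (path, rule) hit; sensitive paths are their own rule."""
    findings = []
    for path, content in iter_layer_files(layer):
        for rule, pattern in SECRET_PATTERNS.items():
            if pattern.search(content):
                findings.append({"path": path, "rule": rule})
        if any(hint in path for hint in SENSITIVE_PATH_HINTS):
            findings.append({"path": path, "rule": "sensitive_path"})
    return findings


def build_sample_layer() -> bytes:
    """Construct a small layer tarball with planted, clearly fake secrets."""
    files = {
        "root/.ssh/id_rsa": (
            b"-----BEGIN OPENSSH PRIVATE KEY-----\n"
            b"FAKEKEYMATERIAL\n"
            b"-----END OPENSSH PRIVATE KEY-----\n"
        ),
        "app/config.py": b"API_KEY = 'constructed_example_key_0123456789abcdef'\n",
        "app/main.py": b"print('hello')\n",
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name=name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


if __name__ == "__main__":
    # Expected: three findings, none for app/main.py
    for finding in scan_layer(build_sample_layer()):
        print(f"{finding['rule']:20} {finding['path']}")
```

Run this against each layer of a `docker save` tarball before the image is admitted to a registry or a build pipeline, and re-run it whenever the image is rebuilt; a check that runs once at import time has the same point-in-time weakness the text describes.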
