I recently came across this book, Container Security by Liz Rice, while searching for material to read on how to secure containerized applications. This was the only book I could find on the topic, so I picked it up without thinking further. It was published in April 2020.
The book’s tagline, “Fundamental Technology Concepts that Protect Containerized Applications”, provides an apt description of the content. It starts with basic concepts which are necessary to understand before we set out to secure containers. Even though the book is divided into 14 chapters, they can be rolled up into following three broad categories:
- How containers work or, more aptly, what makes containers possible? – Chapters 2-5. In these chapters the author provides a brief introduction to various Linux components, such as Namespaces, Control Groups, Sys calls, Permissions, Capabilities etc. that work together to enable the technology we know as Containers. After all, a container is still a Linux process running on the host machine. This part ends by giving a bird’s eye view of virtual machines and how containers are different from VMs.
- Securing various aspects of containers – Chapters 6-13. In each of these chapters the author describes a facet of containers and also provides recommendations on securing it. For example, in chapter 6 she describes how container images are built and also provides security best practices to protect container images. This part also covers concepts like rootless containers, Kata containers, Unikernels etc.
- Container security threats, recommendations and checklist – Chapter 1, 14 and security checklist. In the first chapter the author covers various threats associated with containers and provides mitigations to address them. The author has also provided a container threat model in this chapter. In chapter 14, the author maps various vulnerabilities associated with containers to OWASP Top 10. Finally, at the end of the book the author has also provided a security checklist based on her recommendations throughout the book.
Here are a few things I liked about this book:
- Good coverage of container threats and security best practices.
- It builds the foundation by describing how containers work on the ground. This understanding is fundamental for learning how to secure containers.
- The author had provided a lot of useful commands for enumerating containers (they are spread throughout the book and not covered specifically under this heading).
- The author has also provided various tools that can be used to secure containers.
- It is written in an easy to understand manner despite being technical in nature.
- Security checklist at the end of the book.
- At 180 pages, it’s short and concise. Packed with a lot of useful information.
- This book is good for developers working on containerized applications, cloud security professionals, security managers and red teamers.
Not so salient features
Here are a few things I did not like about this book:
My rating: 5.0 / 5.0
Uday Mittal is a cybersecurity professional with rich working experience working with various industries including telecom, publishing, consulting and finance. He holds internationally recognized certifications such as CRTP, OSCE, OSCP, CISSP, CISA, CISM, CRISC among others. He speaks on cybersecurity awareness, offensive security research etc. and has authored various articles on topics related to cyber security and software development for a leading magazine on open source software.