Containers Security Methodologies
A mind mapping approach for implementing secure applications
As I had the great opportunity to talk a little bit about container security at the Open Security Summit, I wanted to share with you some mind maps that we created to summarize the different methodologies and standards that a security team can use as a reference when building applications that will run in a containerized environment.
1. OWASP Container Security Verification Standard
As described on the OWASP website, “The Container Security Verification Standard (CSVS) is a community-effort to establish a framework of security requirements and controls that focus on normalizing the functional and non-functional security controls required when designing, developing and testing container-based solutions with a focus on Docker”.
Definitely, CSVS is a great framework to help us design and implement applications in containers. Here is the mind map of this standard with the multiple stages it has:
2. CIS Docker Benchmark version 1.2.0
The CIS Docker Benchmark provides a good number of security checks for Docker containers and the Docker runtime itself, to address security misconfiguration.
This Benchmark contains eight (8) stages described in the following mind map.
3. NIST Special Publication 800-190 Application Container Security
This Special Publication focuses on concerns and major security risks related to container security and mechanisms to address them via the provisioning of practical recommendations.
The following mind map provides some visibility on the areas that this publication focuses on.
4. General Information
I have been actively using XMind for creating these mind maps. I’m a picture-oriented person who wants a big-picture view of the things I’m focusing on; that way, with some direction, I can drill down as much as needed to get to the nitty-gritty details.
You can find these mind maps in my GitHub repo here.