One of the most significant issues cybersecurity teams must come to terms with in 2019 is how container security should be implemented and maintained. The days when cybersecurity teams were solely responsible for implementing cybersecurity controls are long past. In fact, as cybersecurity becomes more distributed across the enterprise, the way cybersecurity metrics are consumed also will need to evolve.
With that goal in mind, Aqua Security has partnered with Datadog, a provider of IT monitoring services, to make it easier to consume security metrics alongside IT operational data.
Rani Osnat, vice president of product marketing for Aqua Security, says such alliances will prove critical as DevSecOps processes continue to mature. DevOps teams increasingly are looking to incorporate security alerts to help them prioritize application updates, he says.
Specifically, the integration with Datadog will make it possible to take advantage of pre-built dashboards that display, among other things, what container images are currently in Aqua’s scan queue; known vulnerabilities and security issues found in existing images; containers running from unauthorized images; and Aqua runtime policy violations and audit events. Datadog users can use the data provided in the Aqua dashboards to set up their own alerts, aggregate data streams from different applications and customize how data is displayed.
In 2019, Osnat predicts that in the coming year cybersecurity increasingly will be treated as code alongside IT infrastructure.
He also predicts that as more instances of Kubernetes are deployed in production environments, the number of cybersecurity issues also will increase. Less clear is whether those cybersecurity issues will arise because of the containers themselves or what is inadvertently packaged in them.
At the same time, Osnat expects cybersecurity will become more complex, as DevOps teams look to support multiple clouds while at the same time are asked to secure serverless computing frameworks as extensions to container environments.
The extent to which cybersecurity professionals will need to work hand in glove with DevOps teams is unknown currently. The hope is that developers will include the appropriate cybersecurity controls defined by cybersecurity professionals within their applications, but how well organizations will be able to achieve that state of cybersecurity nirvana is debatable. However, most agree that trying to include cybersecurity professionals in the daily DevOps meeting isn’t practical. But, at the very least, updating and adding cybersecurity controls using containers should be much easier than patching a monolithic application.
As the number of cybersecurity events involving containers continues to multiply, cybersecurity will be a critical issue as organizations embrace microservices as part of ongoing efforts to become more agile. Organizations will be challenged with making sure that whatever gains are achieved in terms of agility don’t come at the expense of security. Otherwise, a backlash against replacing legacy applications with modern microservices-based applications built using containers running on Kubernetes clusters surely will ensue.