MongoDB Ransomware Attacks Illustrate the Need for Both Traditional and New Security Techniques

NeuVector Container Security

By Gary Duan, CTO, NeuVector The recently reported ransomware attacks on MongoDB are shocking not just by the sheer number of them – over 28,000 and counting – but also by how easily they were compromised. These attacks did not require any sophisticated malware or hacking schemes to pull off. They took advantage of poor administrative practices, and remind us …

How Docker Swarm Container Networking Works – Under the Hood

NeuVector Network Security

By Gary Duan, CTO, NeuVector Docker 1.12 is a release loaded with a lot of great features. With built-in orchestration and by removing dependencies on the external KV store, Docker Swarm allows DevOps to quickly deploy a multi-host docker cluster that “just works.” Although not without controversies, when compared to Kubernetes, Docker Swarm’s ease-of-use is one of it’s most cited …

How to Secure AWS Containers and Use ECS for Container Security

Glen Kosaka Cloud Security

AWS containers are growing rapidly in popularity but how to secure containers in production is still a new topic. In this video from AWS re:Invent Henrik Johansson and Michael Capicotto present how to secure containers on AWS and use AWS ECS for security and governance. We also provide a summary below. Session Description Containers have had an incredibly large adoption …

You Can’t Secure What You Can’t See – Docker Network Security

Glen Kosaka Docker Security

There’s been a lot of discussion of container security for images, platforms, and the OS. But not much about getting visibility of the container network, especially for security purposes. Docker networking can be a complex, big topic, and Docker network security is not well understood. A common question we often hear is: How can I see the container network behavior in real-time?” …

containers vs virtual machines

Containers vs Virtual Machines (vms) – A Security Perspective

Glen Kosaka Container Security

By Henrik Rosendahl What are the arguments for containers vs virtual machines (VM’s)? Back in March 2016 Mike Coleman (@mikegcoleman) from Docker wrote a blog post titled: Containers Are Not VMs. Mike and I used to be colleagues at VMware EUC – working on delivering applications in virtual desktop environments. As you probably already know Virtual Machines provide a very …