What is Symantec Data Center Security?
Docker containers make it easy to develop, deploy, and deliver applications, and containers can be deployed and brought down in a matter of seconds. This flexibility makes Docker very useful for DevOps teams that automate container deployment. Symantec Data Center Security: Server Advanced provides agent-less Docker container protection that allows you to achieve the performance benefits of Docker without sacrificing security. Full application control enables administrator privilege de-escalation, patch mitigation, and protection against zero-day threats in today’s heterogeneous data centers.
According to Symantec, Docker containers expose new threat surfaces. The host operating system, the Docker daemon, and containers are open to vulnerabilities that can be exploited. Some of the recently known Docker vulnerabilities and exploits are:
- The Docker daemon currently requires root privileges, and Docker recommends that only trusted users be allowed access to the Docker daemon.
- Docker can be started with incorrect parameters for host network, which can shut down the host.
- The Shocker code exploit exposed a Docker vulnerability for container breakout.
- Recent CVE reports show that vulnerabilities are being introduced with deployments.