• 1 min read

Protect Linux containers running in IaaS with Azure Security Center

Nowadays, more and more enterprises are migrating their monolith applications to run mission-critical, containerized cloud-native applications in production. Containers provide multiple advantages, both for developers and IT professionals.

Nowadays, more and more enterprises are migrating their monolith applications to run mission-critical, containerized cloud-native applications in production. Containers provide multiple advantages, both for developers and IT professionals. They are easy and fast to deploy, immutable, and provide fast iteration. As the number of containers deployed continues to increase, security solutions need to be in place to provide you with visibility into the security state of your containers and help protect them from threats.

Azure Security Center now provides you with several new capabilities to help you secure your containers.

1. Visibility to the containers hosted on IaaS Linux machines

In Azure Security Center, a new tab of containers is now available and displays all virtual machines with Docker.

A new tab of containers is now available in Azure Security Center

When exploring the security issues of a virtual machine, Security Center now provides additional information related to the containers on the machine, such as Docker version and the number of images running on the host.

Docker version

2. Security recommendations based on the CIS benchmark for Docker

Security Center scans your Docker configurations and gives you visibility into misconfigurations by providing a list of all failed rules that were assessed. Security Center gives you guidelines to help you resolve these issues quickly and save time. Security Center continuously assesses the Docker configurations and provides you with their latest state.

Security recommendations based on the CIS benchmark for Docker

3. Real time container threat detection

Security Center now provides real-time threat detection for your containers on Linux machines with AuditD component.

The alerts identify several suspicious Docker activities, such as the creation of a privileged container on host, an indication of Secure Shell (SSH) server run inside a Docker container, or the usage of crypto miners. You can use this information to quickly remediate security issues and improve the security of your containers.

PremiumSSD

To start securing your containers, public cloud customers can take advantage of the public preview of this capability in the Standard tier of Security Center. If you are new to Azure, container security is part of the free, 60-day Security Center trial.