Containers under attack: What your app sec team needs to know
As a network-penetration expert, Wesley McGrew regularly runs red-team exercises against the networks of his clients, and increasingly he is seeing containerized applications being targeted.
While containers bring the benefits of standardization, isolation, and the principle of least privilege to the development of cloud-based software, they can be a boon for attackers. Containerized applications don’t necessarily introduce any new vulnerabilities, but they do present additional attack vectors.
Continued at: Containers under attack: What your app sec team needs to know — TechBeacon