Introduction
Securing a container platform is a multi-step process that spans from development to production. It is also continuous: it should be integrated into your development process, automated to reduce the number of manual touchpoints, and extended into the maintenance and operation of the underlying infrastructure. Container security is thus the process of implementing security tools and policies to ensure that your container is running as intended.
There are many Docker and Kubernetes security practices, but gaps remain: image vulnerabilities and container abnormalities can still occur. Some of these can be caught and addressed with static container image scanning tools. There is also a need to analyze container behavior at run-time to detect incorrect configurations, whether intentional or not, that lead to data loss, security intrusions, and eventually further vulnerabilities. If a container is not running as expected, it could be the result of an attack that exploited an existing vulnerability. Run-time container scanning is therefore essential to detect any action that deviates from the norm.