22k open, vulnerable container orchestration dashboards found exposed on the net.


More than 22,000 container orchestration and API management systems are unprotected or publicly reachable on the internet, according to research from Lacework. The exposed systems suffer from poorly configured resources, missing credentials and the use of insecure protocols. As a result, an attacker can reach the infrastructure remotely and install, remove or encrypt any application the organisation runs in the cloud. In total, Lacework found 22,672 open admin dashboards on the web; 305 of them were not protected by any credentials whatsoever.
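The two failure modes named above, an admin API that answers anonymous requests and an admin interface served over plain HTTP, are straightforward to check for on your own hosts. The script below is an added example, not Lacework's tooling or methodology: it sends a single read-only GET to a well-known API path with no credentials and classifies the result. The probe paths, hostnames and responses are assumptions constructed for the example (the `fake_fetch` stand-in lets it run offline); swap in `fetch_http` to run it against hosts you are authorised to test.

```python
"""Audit check for exposed orchestration admin APIs.

Added example, not part of the original article or of Lacework's research.
It classifies one endpoint as 'auth-required' (the expected outcome),
'unauthenticated-access' (the Lacework finding), or 'insecure-protocol'
(admin traffic in the clear).  Run only against hosts you are authorised
to test; the request is a single unauthenticated GET.
"""
import json
import urllib.error
import urllib.request
from urllib.parse import urlparse

# Read-only paths that an orchestrator API answers with data for an
# authenticated caller and should answer 401/403 for an anonymous one.
# Assumed defaults for the example; adjust for your environment.
PROBE_PATHS = {
    "kubernetes": "/api/v1/namespaces",
    "docker-engine": "/containers/json",
}


def fetch_http(url, timeout=5):
    """Live fetcher: one anonymous GET, returns (status, body_text)."""
    req = urllib.request.Request(url, headers={"User-Agent": "exposure-audit/1.0"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(4096).decode("utf-8", "replace")
    except urllib.error.HTTPError as e:
        return e.code, ""           # 401/403 arrive here
    except (urllib.error.URLError, OSError):
        return None, ""             # refused, timed out, DNS failure


def looks_like_api_data(body):
    """True if the body is JSON of the shape an orchestrator API returns.

    Distinguishes real data (a NamespaceList, a container list) from a
    login page or reverse-proxy landing page that also returns 200."""
    try:
        data = json.loads(body)
    except ValueError:
        return False
    return isinstance(data, list) or (
        isinstance(data, dict) and ("items" in data or "kind" in data)
    )


def classify(base_url, kind, fetch=fetch_http):
    """Return the list of findings for one endpoint.

    `fetch` is injectable so the classification logic can be tested offline."""
    findings = []
    if urlparse(base_url).scheme == "http":
        findings.append("insecure-protocol")
    status, body = fetch(base_url.rstrip("/") + PROBE_PATHS[kind])
    if status is None:
        findings.append("unreachable")
        return findings
    if status in (401, 403):
        findings.append("auth-required")
    elif status == 200 and looks_like_api_data(body):
        findings.append("unauthenticated-access")
    else:
        findings.append("unexpected-%s" % status)
    return findings


def audit(targets, fetch=fetch_http):
    """targets: iterable of (base_url, kind).  Returns {base_url: findings}."""
    return {url: classify(url, kind, fetch) for url, kind in targets}


# Constructed sample responses standing in for live hosts (not real data),
# so the example runs without network access.
SAMPLE_RESPONSES = {
    "http://10.0.0.5:8080/api/v1/namespaces": (200, '{"kind":"NamespaceList","items":[]}'),
    "https://k8s.example.test:6443/api/v1/namespaces": (403, ""),
    "http://10.0.0.7:2375/containers/json": (200, "[]"),
    "https://dash.example.test/api/v1/namespaces": (200, "<html>Sign in</html>"),
}


def fake_fetch(url, timeout=5):
    return SAMPLE_RESPONSES.get(url, (None, ""))


SAMPLE_TARGETS = [
    ("http://10.0.0.5:8080", "kubernetes"),
    ("https://k8s.example.test:6443", "kubernetes"),
    ("http://10.0.0.7:2375", "docker-engine"),
    ("https://dash.example.test", "kubernetes"),
]

if __name__ == "__main__":
    for url, findings in audit(SAMPLE_TARGETS, fetch=fake_fetch).items():
        print(url, ",".join(findings))
```

A 200 with a login page is deliberately not reported as open: the check only flags hosts that return orchestrator data to an anonymous caller. A result of 'auth-required' says nothing about how strong that authentication is, which is the gap Mackey's comment below points at.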

Commenting on this, Tim Mackey, senior technical evangelist at Black Duck by Synopsys, said "The single most important item any administrator should have for their applications, be they containerised or container orchestration systems, is a sound authentication and authorisation model. While Lacework identified over 21,000 public cloud interface portals, other than identifying 305 sites with no authentication, no indication was provided as to the overall health of the authentication models used by the identified sites. While Lacework indicates in their research a preference for administrative consoles to not be public facing, having poor authentication strategies within clusters accessed via bastion host or VPN is equally problematic as lateral movement within an organisation by definition occurs within an organisation.

"Properly securing container orchestration solutions requires a comprehensive review of the role the...
