Security Analysis Of Container Images Using Cloud Analytics Framework

Container technology has become an integral part of today's major IT services. Although it offers several benefits, it also introduces new challenges for operating and maintaining secure container environments. One such challenge is to retain the ability to detect and address the containers' vulnerabilities and compliance violations. However, designing an effective solution to enable this capability must be based on the accurate understanding of characteristics observed from actual container images and instances. To contribute toward this objective, we have built a general data processing framework, applying the principles of the state-of-the-art. It is a system that decouples the data collection process from the analysis so as to allow user to focus more on building new analysis logics rather than on the tools for monitoring agents. We applied it to the analysis of container images from the Docker Hub image repository, to learn about their security posture. In this work we present various interesting findings and new insights from analyzing the public image corpus. We have learned that more than 92% of the images contain compliance violations and/or vulnerable packages.