Home Applications Achieving Open Source Security in Container Environments

Achieving Open Source Security in Container Environments

0
Achieving Open Source Security in Container Environments
0

Today, open source components are at the heart of most modern applications, transforming how we architect solutions in every industry. Black Duck’s 2017 Open Source Security and Risk Analysis of over 1000 commercial applications revealed that 96% of applications scanned utilized open source. Meanwhile, more than 60% of those applications contained known security vulnerabilities in their open source components, and on average, vulnerabilities identified in these applications have been publicly known for over four years.

As we saw in the news last year, unremediated known vulnerabilities can cause serious damage. The massive Equifax data breach that exposed the private data of 145.5 million people was due to exploitation of a known vulnerability (CVE-2017-5638) in Apache Struts, a popular open source framework for creating web applications. Use of Apache Struts is by no means unusual – this framework is used across the Fortune 100, providing web applications in Java and powering both front-end and back-end applications. The vulnerability exploited was originally reported in March 2017, and at that time of disclosure there were already exploits freely available. (For a complete timeline of the Apache Struts vulnerability from bug to breach, check out this post.)

A few key takeaways from the Equifax breach:

Read the entire article here, Achieving Open Source Security in Container Environments

Via the fine folks at NeuVectdor.

Categories:
NeuVector NeuVector was founded by security and enterprise software veterans with the vision of simple, scalable security for container based applications. The team has over 20 years of security, virtualization, and enterprise software experience from companies such as VMWare, Fortinet, Cisco, and Trend Micro.

Featured Resources:

Related Articles:

| LATEST FEATURED RESOURCES

White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]

    Downloads

      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors

          Close