Lavi Lazarovitz, the Research Team Lead at the Israel-based company, told iTWire during a chat recently that as containers had been implemented on Linux first and only recently on Windows, those who knew about Linux security would know how to secure them.
Lazarovitz was in Australia to present a talk on container security at the AusCert conference. He also gave a talk at his own employer's IMPACT forum in Sydney.
Containers offer the benefit of less overhead as it is only the application that runs within, unlike a virtual machine. Lazarovitz said, from the point of view of a company, it was better to have any attack isolated in a container, rather than in a privileged virtual machine with access to a host.
DevOps tools and environments were at the same stage in terms of security as Microsoft operating systems were back in 2002, when Windows XP had just been released, Lazarovitz claimed.
He said DevOps tools were operation-oriented and built to satisfy the need for speed. "Security is a feature," he added, and it was not part of the default build.
Lazarovitz also offered a word of caution about cloud environments as there was no uniform implementation of security. Microsoft, Amazon, Google and Oracle all had their own systems of privileged users and this tended to create confusion.
He is the second person from Israel to warn about cloud environments; last month, Ran Nahmias, the head of Cloud Security at Check Point, told iTWire the chances of misconfiguration of a cloud environment were much greater than in a traditional computing environment as the staff managing the cloud were, in many cases, lacking in cloud-specific competencies and knowledge. It was also often the case that there were insufficient expert staff to attend to security.
Asked whether the fact that all Israelis had to go through military training had an impact on their outlook when it came to working in the IT industry, Lazarovitz said it was a definite plus, affecting each person's outlook on research and development.