New Training: Configure Advanced Security for Containers
In this 7-video skill, CBT Nuggets trainer Daniel Sasse discusses Azure Networking technology and the services and configuration options that are available to secure it, including Azure Firewalls, Network Security Groups and Service Endpoints. Watch this new Azure training.
Watch the full course: Microsoft Certified: Azure Security Engineer Associate
This training includes:
- 7 videos
- 39 minutes of training
You’ll learn these topics in this skill:
- Configure Security for the Azure Container Registry
- Configure Authentication for the Azure Container Registry
- Configure Security for Different Types of Containers
- Configure Isolation for Azure Kubernetes Service
- Configure Authentication for Azure Kubernetes Service
- Configure Security for Azure App Service
- Configure Authentication for Azure App Service
What Type of Security Should Azure Containers Have?
To limit vulnerabilities that are inherent in public registries such as Docker Hub, you should use a private registry such as Docker Trusted Registry, which you can install either onsite or within a virtual private cloud. Another option is to use a cloud-based private container registry service, such as Azure Container Registry.
You should further monitor and scan container images for vulnerabilities. You should do this even when using private registries. If you use Azure Container Registry, you can integrate it with Azure Security Center, so that it will automatically scan your images. You can also use solutions such as Aqua Security and Twistlock.
Finally, you should secure all login and API credentials, especially if your containers are spread across clusters and regions. Make certain that only privileged users have access to your containers and that your developers make use of secrets-management tools that have been specifically designed for containers.