Using a Hardened Container Image for Secure Applications in the Cloud
CIS® is continuing to expand its cloud offerings with new CIS Hardened Images™ for containers. The CIS Hardened Image for Ubuntu 16.04 is the first hardened container image we’ll release for use in a Docker container on AWS. Read on to learn more about the CIS hardening process and whether a hardened container image is right for your application.
Working Securely in the Cloud
CIS Hardened Images have been available on AWS for several years and more recently on Azure and GCP. They are cloud-based images that are preconfigured according to the proven security recommendations of the CIS Benchmarks™. The CIS Benchmarks are recognized as global standards and best practices for securing IT systems and data against cyber threats.
Containers and the Cloud
A CIS Hardened Image for use in a Docker container is the latest cloud offering from CIS and is available on AWS. A Docker container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. Benefits of working in a cloud-based container include:
- Building and testing applications quickly, benefitting DevOps and testing processes.
- Applications that are packaged in containers can be easily swapped in and out.
- Portability – easy to move between environments.
- Flexibility, cost-effectiveness, and ease of use.
CIS Hardened Images for Containers
AWS and AWS users who want to work securely in the cloud drove the development of the CIS Hardened Image for Ubuntu 16.04 for Docker. Benefits of using a CIS-hardened container image include:
- Deploy quickly with a pre-hardened image that’s configured for use in a container.
- Easy to patch – take out the old layer and bring in the patched layer, test, and proceed or easily roll back if necessary.
- Use only what you need – AWS bills usage by the second (with a minute minimum).
AWS announced added Marketplace support for software products that use Docker containers at the AWS re:Invent conference in Las Vegas. As a launch partner, CIS is excited to be one of the first to offer container images on AWS. Give it a try today!