Get better container security with GitLab: 4 real-world examples

Get better container security with GitLab: 4 real-world examples

This post shows examples of how GitLab can help increase the security of such applications and their hosting environment. We focus on web applications, but most of the security features described in this post apply to any containerized apps.

The number of web applications hosted in containers grows every day, but data from our 2020 Global DevSecOps Survey showed a majority of companies don't have a container security strategy in place. This post shows examples of how GitLab can help increase the security of such applications and their hosting environment. We focus on web applications, but most of the security features described in this post apply to any containerized apps.

Detailed descriptions and examples of the tactics and techniques mentioned in this post can be found in the MITRE ATT&CK Matrix.

Threat Models

To help with our scenarios, we're taking two tactics from the MITRE ATT&CK matrix: Initial Access and Execution. There are similar categories in other frameworks, such as the cyber kill chain.

Initial Access

In this phase, an attacker is attempting to establish access to your computing resources through different techniques. A single one might be sufficient for the attack to succeed but, quite often, a successful compromise relies on a few different methods.

The diagram below shows three examples of how an attacker can gain access to a container hosting an application accessible from the Internet.

There are different ways threat vectors can be exploited but, to demonstrate GitLab's features, let's pick some specific examples of how it can happen. None of these are made-up by the way; they have all happened - and continue to happen - in the wild.

  1. Exposed Credentials. Someone with legitimate access to your systems saved valid account credentials in an application's code repository.
  2. Supply Chain Attack. There's no apparent vulnerability in the application itself but the attacker managed to introduced one in an external dependency utilized by the application, so now it, too, is vulnerable.
  3. Exploit. The application is vulnerable to command execution because it doesn't validate user input properly.

Execution

At this point, the attacker has:

  1. Acquired credentials that allow access to most areas of the web application.
  2. Discovered that the application is vulnerable to remote code execution.
  3. Introduced a different vulnerability to the application via an external dependency.

The next objective is to use one or more of these assets to execute instructions of their choice on the target systems. The diagram below shows different ways this can be accomplished.

security

Bootstrap 5 Complete Course with Examples

Bootstrap 5 Tutorial - Bootstrap 5 Crash Course for Beginners

Nest.JS Tutorial for Beginners

Hello Vue 3: A First Look at Vue 3 and the Composition API

Building a simple Applications with Vue 3

Deno Crash Course: Explore Deno and Create a full REST API with Deno

How to Build a Real-time Chat App with Deno and WebSockets

Convert HTML to Markdown Online

HTML entity encoder decoder Online

Best Custom Web & Mobile App Development Company

Top Web & Mobile Application Development Company in India & USA. We specialize in Golang, Ruby on Rails, Symfony, Laravel PHP, Python, Angular, Mobile Apps, Blockchain, & Chatbots

10 Cyber Security Tools to Watch Out for in 2021 - DZone Security

In this article, take a look at ten cyber security tools to watch out for in 2021, including NMap, Wireshark, Metasploit, and more!

How to Keep Your Java Applications Secure - DZone Security

The solution to keeping your Java applications secure is simple: make sure they stay up to date. Check out the details within.

What are the top Cyber Security Threats in 2020?

Learn Cyber Defense programming by Cyber Security Training. Know how to stop tactics of ransomware, malware, social engineering, phishing by hacking course.

Cloud Security: Is it Worth it?

Storing and managing corporate data by applying the cloud is becoming more and more popular. Companies grow, and it gets too expensive, and resources consuming to store their data on traditional servers. To prove it, look at the research conducted by Google in 2019 that includes insights for the cloud computing market for the next 10 years.