Book Review: Container Security
Review of the book Container Security by Liz Rice. Published in April 2020 by O'Reilly Publication.
I recently came across this book, Container Security by Liz Rice, while searching for material to read on how to secure containerized applications. This was the only book I could find on the topic, so I picked it up without thinking further. It was published in April 2020.
Content overview
The book's tagline, "Fundamental Technology Concepts that Protect Containerized Applications", provides an apt description of the content. It starts with basic concepts which are necessary to understand before we set out to secure containers. Even though the book is divided into 14 chapters, they can be rolled up into the following three broad categories:
How containers work or, more aptly, what makes containers possible? - Chapters 2-5. In these chapters the author provides a brief introduction to various Linux components, such as namespaces, control groups, system calls, permissions, capabilities, etc., that work together to enable the technology we know as containers. After all, a container is still a Linux process running on the host machine. This part ends by giving a bird's eye view of virtual machines and how containers are different from VMs.
Securing various aspects of containers - Chapters 6-13. In each of these chapters the author describes a facet of containers and also provides recommendations on securing it. For example, in chapter 6 she describes how container images are built and also provides security best practices to protect container images. This part also covers concepts like rootless containers, Kata containers, Unikernels etc.
Container security threats, recommendations and checklist - Chapters 1 and 14, and the security checklist. In the first chapter the author covers various threats associated with containers and provides mitigations to address them. The author has also provided a container threat model in this chapter. In chapter 14, the author maps various vulnerabilities associated with containers to the OWASP Top 10. Finally, at the end of the book the author has also provided a security checklist based on her recommendations throughout the book.
Salient features
Here are a few things I liked about this book:
Good coverage of container threats and security best practices.
It builds the foundation by describing how containers work on the ground. This understanding is fundamental for learning how to secure containers.
The author has provided a lot of useful commands for enumerating containers (they are spread throughout the book and not covered specifically under this heading).
The author has also provided various tools that can be used to secure containers.
It is written in an easy-to-understand manner despite being technical in nature.
Security checklist at the end of the book.
At 180 pages, it's short and concise. Packed with a lot of useful information.
This book is good for developers working on containerized applications, cloud security professionals, security managers and red teamers.
Not so salient features
Here are a few things I did not like about this book:
None.
My rating: 5.0 / 5.0