Container orchestration and automation introduce new risks

Stuart Green, Cloud Security Architect at Check Point Software, explains, “Cloud security incidents may involve complex attacks, but the simplest barely qualify as “attacks” and are more likely to involve data being left freely accessible to anyone who knows where to look.

“A lot of loosely coupled components are used in more complex cloud architectures, each with its own set of configurations and the potential for misconfigurations.Green asserts that while the majority of cloud’s core services are generally well understood and deployed in extremely secure ways, more complex areas like container orchestration and automation can introduce new risks.

On the automation side, as software and DevOps get more attention, there are more things to think about, like software supply chain risks when external, possibly unverified code is brought into corporate environments.