Containers should not be assumed to be secure and isolated by default. Unfortunately, many companies underestimate the risk of not protecting their containers properly.
Here are general recommendations and links to explore this topic:
Area of Concern for Containers | Recommendation |
---|---|
Container Vulnerability Scanning and OS Dependency Security | As part of an image build step, you should scan your containers for known vulnerabilities. |
Image Signing and Enforcement | Sign container images to maintain a system of trust for the content of your containers. |
Disallow privileged users | When building containers, consult your documentation on how to create users inside the container that have the least operating system privilege necessary to carry out the container's purpose. |
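
A check for the "Disallow privileged users" row, as an added example that is not part of the original page: a small Python linter that reports which user the final stage of a Dockerfile runs as. The sample Dockerfiles, the `app` user and the function names are constructed for illustration, and a missing `USER` instruction is assumed to mean root, which holds unless the base image sets its own user.

```python
# Constructed sample Dockerfiles (not from the original page).
ROOT_IMAGE = """\
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y --no-install-recommends curl
CMD ["curl", "--version"]
"""

HARDENED_IMAGE = """\
FROM golang:1.22 AS build
USER root
RUN go build -o /out/app ./...
FROM debian:bookworm-slim
RUN groupadd --system app && useradd --system --gid app --no-create-home app
COPY --from=build /out/app /usr/local/bin/app
USER app:app
ENTRYPOINT ["/usr/local/bin/app"]
"""

def logical_lines(text):
    """Yield instructions with comments dropped and backslash continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""

def final_stage_user(dockerfile):
    """Return the USER value in effect at the end of the last stage, or None."""
    user = None
    for line in logical_lines(dockerfile):
        instr, arg = (line.split(None, 1) + [""])[:2]
        if instr.upper() == "FROM":
            user = None  # a new stage does not inherit USER from earlier stages
        elif instr.upper() == "USER":
            user = arg.strip()
    return user

def runs_as_root(dockerfile):
    """True when the final stage runs as root (by name, by UID 0, or by default)."""
    user = final_stage_user(dockerfile)
    if user is None:
        return True  # assumption: the base image's default user is root
    return user.split(":", 1)[0] in {"root", "0"}
```

Run it in the image build step next to vulnerability scanning and fail the build when `runs_as_root` returns true.
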
Recommended additional reading:
Book by Liz Rice covering all the considerations for good container security - Link