Developers are often viewed as the aggressors when it comes to online security. But participants at a Black Hat USA session argued that developers were actually the new targets of attacks. This is increasingly coming to light as container developers become a bigger part of enterprise operations.
Sagie Dulce, senior security researcher at Aqua Security, said developers in charge of microservices and container deployments have become a prime target by their peers of security attacks.
Dulce said most developers are not paid to “think security” when working on platforms. This leads to developers taking short cuts when initially setting up a container or Docker deployment in an attempt to speed up work, but at the expense of security down the road.
“It’s not secure, but you might do it anyway because it helps to get things done,” Dulce said. “A single developer can lead to all containers being infected.”
Read more at SDx Central