Quantifying the Security Posture of Containerized Mission Critical Systems

Determining the security posture of containerized mission-critical systems is difficult given the vast number of parameters that determine a systemu0027s ability to withstand cyber-attacks. In many cases, technical audits can be performed to determine a systemu0027s security posture and to evaluate how well they are configured to protect against known cyber-threats. Properly configuring systems can lead to higher security, however, the configuration and auditing process can be time-consuming and error-prone. In addition, the results obtained from these audits can be difficult to summarize into one meaningful metric that accurately characterizes systemu0027s security posture as guided by customer needs. In this work, we propose an approach for computing a security-posture metric for containerized systems that supports operators during the sense-making process that follows traditional security audits. The results of this work can be used on a per-deployment case, taking into account what matters to operators of containerized mission-critical systems.