Exploring container security: Using Cloud Security Command Center (and five partner tools) to detect and manage an attack | Google Cloud Blog

If you suspect that a container has been compromised, what do you do? In today’s blog post on container security, we’re focusing in on container runtime security—how to detect, respond to, and mitigate suspected threats for containers running in production. There’s no one way to respond to an attack, but there are best practices that you can follow, and in the event of a compromise, we want to make it easy for you to do the right thing.

Source: https://cloud.google.com/blog/products/gcp/exploring-container-security-using-cloud-security-comma

Exploring container security: Running a tight ship with Kubernetes Engine 1.10 | Google Cloud Blog

It’s only been a few months since we last spoke about securing Google Kubernetes Engine, but a lot has changed since then. Our security team has been working to further harden Kubernetes Engine, so that you can deploy sensitive containerized applications on the platform with confidence. Today we’ll walk through the latest best practices for hardening your Kubernetes Engine cluster, with updates for new features in Kubernetes Engine versions 1.9 and 1.10.

Source: https://cloud.google.com/blog/products/gcp/exploring-container-security-running-a-tight-ship-with-kubernetes-engine-1-10

Exploring container security: Protecting and defending your Kubernetes Engine network | Google Cloud Blog

Security is a crucial factor in deciding which public cloud provider to move to—if at all. Containers have become the standard way to deploy applications both in the public cloud and on-premises, and Google Kubernetes Engine implements several best practices to ensure the security and privacy of your deployments. In this post, we’ll answer some of your questions related to container networking security of Kubernetes Engine, and how it differs from traditional VM networking security.

Source: https://cloud.google.com/blog/products/gcp/exploring-container-security-protecting-and-defending-your-kubernetes-engine-network

Exploring container security: Digging into Grafeas container image metadata | Google Cloud Blog

The great thing about containers is how easy they are to create, modify and share. But that also raises the question of whether or not they’re safe to deploy to production. One way to answer that is to track metadata about your container, for example, who worked on it, where it’s stored, and whether it has any known vulnerabilities.

Source: https://cloud.google.com/blog/products/gcp/exploring-container-security-digging-into-grafeas-container-image-metadata