DefinePK

Abstract

With the rising problems of portability, compati- bility, and scalability in deployment on different environments, containers were introduced. Containers are isolated, portable, and efficient ways of running modern applications. Their use- fulness as tools though, has also led to increased cases of insecurity. The conventional ways of container protection were Ubuntu, Clair, Grape, STRIDE, and DREAD frameworks that relied mostly on vulnerability assessment and threat modelling. However, these measures did not include changes in the evolving features of container attacks aimed at protecting image interfaces and APIs. This paper provides an in-depth analysis of malware attacks and restricting privileges to non-root users upon mali- cious identification. This is done to minimize the attack vectors including the preference of non-root users and only using up- to-date lightweight base images, and multiple build formations. In this paper, the implementation of the Trivy tool is done in the protection of malware attacks. Scanner Trivy is an Open- Source vulnerability scanner that can identify threats and eval- uate risks, to avoid misconfigurations and vulnerabilities. This prevents probable attacks by providing a secure and reliable host environment. Therefore, it helps future generations in mitigating the risks associated with working with contained environments and in overcoming any possible future threats.