Tag
container-runtime
Safeguard articles tagged "container-runtime" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Vulnerability Analysis
containerd-shim abstract Unix socket container escape (CVE-2020-15257)
CVE-2020-15257 let containers sharing a host network namespace abuse containerd-shim's abstract socket API. Here's the impact, fix, and remediation path.
Jan 9, 20267 min read
Container Security
Container Runtime Security Comparison: runc, gVisor, Kata, and Firecracker
Your container runtime determines the strength of your isolation boundary. Here is an honest comparison of runc, gVisor, Kata Containers, and Firecracker from a security perspective.
Dec 12, 20237 min read