Why the shift left dream has become a nightmare for security and developers

Businesses’ demand for speed and developers’ heavy workloads have undermined “shift left” security efforts, leading to unsafe use of public container images and loss of control over deployments. Qualys’ analysis of over 34,000 public images found roughly 7.3% malicious with many containing cryptominers and exposed secrets, prompting a recommendation to move security “down” into platform-level automation and golden paths. #DockerHub #AWS

Key points

  • Business pressure for fast delivery routinely causes developers to bypass slow or noisy security checks.
  • Qualys analyzed over 34,000 public container images and found about 7.3% were malicious, with 70% of those containing cryptomining software.
  • Many images contained exposed secrets, including AWS access keys and GitHub tokens, creating high-risk supply chain issues.
  • Typosquatting and misplaced trust in public registries like Docker Hub are common causes of malicious image deployment.
  • The recommended “shift down” approach embeds security in the platform via internal artifact repositories, automated CI scans, admission controllers, and automatic remediation.
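
As an added illustration of the admission-controller step in that list (example code, not from the article or from Qualys), the Python below normalizes an image reference the way Docker does (a bare name such as `nginx` means `docker.io/library/nginx`) and rejects anything that is not from the internal artifact repository or not pinned by digest; the hostname `registry.internal.example` and the sample references are assumptions.

```python
"""Admission-style check for the "shift down" pattern: deploy only images
that come from the internal artifact repository and are pinned by digest.
Added example; registry hostname and image references are constructed."""
import re

# Hypothetical internal artifact repository (assumption for this example).
ALLOWED_REGISTRIES = {"registry.internal.example"}

# Docker's implicit default when no registry host is given.
PUBLIC_DEFAULT_REGISTRY = "docker.io"

DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")


def parse_image_ref(ref: str) -> dict:
    """Split an image reference into registry, repository, tag and digest,
    applying Docker's implicit defaults (docker.io, library/ namespace)."""
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    # The first path component is a registry only if it looks like a host.
    first, sep, rest = ref.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = PUBLIC_DEFAULT_REGISTRY, ref
    tag = None
    # A tag is whatever follows the last ':' that comes after the last '/'.
    colon = path.rfind(":")
    if colon > path.rfind("/"):
        path, tag = path[:colon], path[colon + 1:]
    if registry == PUBLIC_DEFAULT_REGISTRY and "/" not in path:
        path = "library/" + path
    return {"registry": registry, "repository": path, "tag": tag, "digest": digest}


def admission_check(ref: str) -> tuple:
    """Return (allowed, reason). Rejects public registries and mutable tags."""
    parts = parse_image_ref(ref)
    if parts["registry"] not in ALLOWED_REGISTRIES:
        return False, f"registry {parts['registry']} is not the internal artifact repository"
    if parts["digest"] is None or not DIGEST_RE.match(parts["digest"]):
        return False, "image must be pinned by sha256 digest, not a mutable tag"
    return True, "ok"
```

In a real cluster this logic would sit behind a validating admission webhook or be expressed as a policy in the admission controller the platform team already runs.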

Read More: https://www.bleepingcomputer.com/news/security/why-the-shift-left-dream-has-become-a-nightmare-for-security-and-developers/