
Systems and methods for secure containerization

  • US 10,116,625 B2
  • Filed: 01/08/2016
  • Issued: 10/30/2018
  • Est. Priority Date: 01/08/2016
  • Status: Active Grant
First Claim

1. A method for provisioning a secure container for running an application, comprising:

  • routing traffic between the application and a secure container service over a virtual private network;

  • using network filter rules to restrict network traffic to or from the application other than traffic to or from the secure container service;

  • using a customized domain name system service to provide name resolution to domain name system requests from the application within the secure container, the name resolution limited to server names allowed by a security policy;

  • examining the secure container for known vulnerabilities and preventing the secure container from launching when a known vulnerability is detected, the examining including at least one of checking configuration settings to identify combinations of settings that create known vulnerabilities, checking versions of libraries or applications within the secure container to identify unpatched known vulnerabilities, performing a port scan to identify known vulnerabilities, and any combination thereof;

  • establishing an inbound network proxy to filter and route approved inbound traffic to the application; and

  • establishing an outbound network proxy to filter and route approved outbound traffic from the application.
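The examining step of the claim can be pictured as a pre-launch gate that runs the three kinds of check it lists (setting combinations, library versions, open ports) and refuses to launch on any finding. The sketch below is an added illustration, not code from the patent or its assignee; the manifest fields, package names, fixed versions, defaults and port allowlist are all constructed assumptions.

```python
from dataclasses import dataclass

# Constructed policy data for illustration only (assumptions, not from the patent).
RISKY_COMBOS = [
    ({"privileged": True, "host_network": True}, "privileged container on host network"),
    ({"run_as_root": True, "read_only_rootfs": False}, "root user with writable root filesystem"),
]
# Settings a manifest omits are evaluated at these (insecure) runtime defaults.
DEFAULTS = {"privileged": False, "host_network": False,
            "run_as_root": True, "read_only_rootfs": False}
MIN_PATCHED = {"examplelib": (2, 4, 1), "demo-tls": (1, 1, 9)}  # hypothetical packages
ALLOWED_PORTS = {8443}

@dataclass
class ContainerManifest:
    settings: dict         # security-relevant configuration flags
    packages: dict         # package name -> installed version string
    listening_ports: set   # ports found open by a scan of the container

def parse_version(text):
    """Turn '2.10.0' into (2, 10, 0) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))

def examine(manifest):
    """Return a list of findings; an empty list means nothing was detected."""
    findings = []
    effective = {**DEFAULTS, **manifest.settings}
    for combo, reason in RISKY_COMBOS:
        if all(effective.get(k) == v for k, v in combo.items()):
            findings.append(f"config: {reason}")
    for name, version in sorted(manifest.packages.items()):
        fixed = MIN_PATCHED.get(name)
        if fixed is None:
            continue
        try:
            outdated = parse_version(version) < fixed
        except ValueError:
            # Fail closed: a version that cannot be parsed cannot be cleared.
            findings.append(f"package: {name} has unparsable version {version!r}")
            continue
        if outdated:
            findings.append(f"package: {name} {version} is below the fixed release")
    for port in sorted(manifest.listening_ports - ALLOWED_PORTS):
        findings.append(f"port: unexpected listener on {port}")
    return findings

def launch_gate(manifest):
    """Allow launch only when the examination produced no findings."""
    findings = examine(manifest)
    return (not findings, findings)
```

Versions are compared as integer tuples because a plain string comparison would rank "2.10.0" below "2.4.1" and block a patched container.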
