Some of the main security benefits of using a Container based system are as follows:
- Segregation: In a Container based system we segregate the applications on different containers. Each application may be running on same host but in a separate container. Each application has access to ports, files and other resources that are provided to it by the container.
- Transient: In a Container based system, each application is considered as a transient system. It is better than a static system that has fixed environment which can be exposed overtime.
- Control: We use repeatable scripts to create the containers. This provides us tight control over the software application that we want to deploy and run. It also reduces the risk of unwanted changes in setup that can cause security loopholes.
- Security Patch: In a Container based system, we can deploy security patches on multiple containers in a uniform way. Also it is easier to patch a Container with an application update.