Secure runtime for virtual machines
US-2021279108-A1 · Sep 9, 2021 · US
US11640461B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11640461-B2 |
| Application number | US-202016811109-A |
| Country | US |
| Kind code | B2 |
| Filing date | Mar 6, 2020 |
| Priority date | Mar 6, 2020 |
| Publication date | May 2, 2023 |
| Grant date | May 2, 2023 |
Official abstract text for this publication.
A computer-implemented method at a data management system comprises: generating, with one or more processors, a containerized runtime in a memory in communication with the one or more processors; instantiating, with the one or more processors, an app in the runtime; receiving, with the one or more processors, a request from the app for data; retrieving, with the one or more processors, a copy of the requested data from a data source; and transmitting, with the one or more processors, the data to the containerized runtime for the app to operate on.
Opening claim text (preview).
What is claimed is:
1. A data management system, comprising: a non-transitory machine-readable medium storing instructions; and one or more processors in communication with the non-transitory machine-readable medium, the one or more processors configured to cause the data management system to perform operations based at least in part on executing the instructions, the operations including: generating, with the one or more processors, a containerized runtime configured to access a plurality of data sources using one or more application programming interfaces (APIs); instantiating, with the one or more processors, an application in the containerized runtime; receiving, with the one or more processors and from the application, a request for data; determining, with the one or more processors, a data source of the plurality of data sources that includes the requested data; identifying, with the one or more processors and from among the one or more APIs, an API that is operable to access the data source; and providing, with the one or more processors and via the identified API, the application with read-only access to the data source for operations by the application in the containerized runtime.
2. The data management system of claim 1, wherein the operations further comprise: enabling, with the one or more processors, network access to the application.
3. The data management system of claim 1, wherein the data source is a snapshot of a virtual machine.
4. The data management system of claim 1, wherein the operations further comprise: restoring a database to a target location, wherein the application performs queries on the restored database.
5. The data management system of claim 1, wherein the data includes input and output from a virtual machine and the operations further comprise: disabling the virtual machine upon detection of malware.
6. The data management system of claim 1, wherein the operations further comprise: instantiating a second virtual machine, wherein the containerized runtime is within a section of memory allocated to the second virtual machine.
7. The data management system of claim 1, wherein the application includes a user interface, and wherein the operations further comprise: generating the user interface to display indexed files.
8. A computer-implemented method at a data management system, the method comprising: generating, with one or more processors, a containerized runtime configured to access a plurality of data sources using one or more application programming interfaces (APIs); instantiating, with the one or more processors, an application in the containerized runtime; receiving, with the one or more processors and from the application, a request for data; determining, with the one or more processors, a data source of the plurality of data sources that includes the requested data; identifying, with the one or more processors and from among the one or more APIs, an API that is operable to access the data source; and providing, with the one or more processors and via the identified API, the application with read-only access to the data source for operations by the application in the containerized runtime.
9. The method of claim 8, further comprising: enabling, with the one or more processors, network access to the application.
10. The method of claim 8, wherein the data source is a snapshot of a virtual machine.
11. The method of claim 8, further comprising: restoring a database to a target location, wherein the application performs queries on the restored database.
12. The method of claim 8, wherein the data includes input and output from a virtual machine, and wherein the method further comprises: disabling the virtual machine upon detection of malware.
13. The method of claim 8, further comprising: instantiating a second virtual machine, wherein the containerized runtime is within a section of memory allocated to the second virtual machine.
14. The method of claim 8, wherein the application includes a user interface, and wherein the method further comprises: generating the user interface to display indexed files.
15. A non-transitory, machine-readable medium storing instructions which, when read by a data management system, cause the data management system to perform operations comprising, at least: generating, with one or more processors, a containerized runtime configured to access a plurality of data sources using one or more application programming interfaces (APIs); instantiating, with the one or more processors, an application in the containerized runtime; receiving, with the one or more processors and from the application, a request for data; determining, with the one or more processors, a data source of the plurality of data sources that includes the requested data; identifying, with the one or more processors and from among the one or more APIs, an API that is operable to access the data source; and providing, with the one or more processors and via the identified API, the application with read-only access to the data source for operations by the application in the containerized runtime.
16. The medium of claim 15, wherein the operations further comprise: enabling, with the one or more processors, network access to the application.
17. The medium of claim 15, wherein the data source is a snapshot of a virtual machine.
18. The medium of claim 15, wherein the operations further comprise: restoring a database to a target location, wherein the application performs queries on the restored database.
19. The medium of claim 15, wherein the data includes input and output from a virtual machine and the operations further comprise: disabling the virtual machine upon detection of malware.
20. The medium of claim 15, wherein the operations further comprise: instantiating a second virtual machine, wherein the containerized runtime is within a section of memory allocated to the second virtual machine.
21. The medium of claim 15, wherein the application includes a user interface, and wherein the operations further comprise: generating the user interface to display indexed files.
Interprogram communication · CPC title
Hypervisor-specific management and integration aspects · CPC title
Using snapshots, i.e. a logical point-in-time copy of the data · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title
Point-in-time backing up or restoration of persistent data · CPC title