Profiling of spawned processes in container images and enforcing security policies respective thereof

US11640472B2 · US · B2

Patent metadata
Publication number: US-11640472-B2
Application number: US-202117195069-A
Country: US
Kind code: B2
Filing date: Mar 8, 2021
Priority date: Oct 1, 2015
Publication date: May 2, 2023
Grant date: May 2, 2023

How to read this patent

A practical reading order for non-experts. Skip the full description unless you need deep technical detail.

  1. Title

    What the patent document calls the invention.

  2. Abstract

    A short plain-language summary of the technical disclosure.

  3. Assignees and inventors

    Who owns or filed the patent and who is credited as inventor.

  4. Key dates

    Filing, priority, publication, and grant dates set the timeline.

  5. First independent claim

    The legal scope of protection — read this for what is actually claimed.

  6. CPC / IPC classifications

    Technology tags used to group this patent with similar filings.

  7. Citations and related patents

    Prior art links and similar publications in this corpus.

Abstract

Official abstract text for this publication.

Execution of software containers is secured using security profiles. A security profile is generated for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed at runtime by the application container, a signature of an executable file of the spawned process. The operation of a runtime execution of the application container is monitored. A violation of the spawned processes profile is detected based on the monitored operation.

First claim

Opening claim text (preview).

What is claimed is:

  1. A method for securing execution of software containers, comprising: generating a security profile for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed at runtime by the application container, a signature of an executable file of the spawned process; monitoring operation of a runtime execution of the application container; and detecting a violation of the spawned processes profile based on the monitored operation.

  2. The method of claim 1, further comprising: exporting the container image to a host device from an image registry, wherein the security profile is generated based on the container image stored in the host device without executing the container image on the host device.

  3. The method of claim 1, further comprising: scanning contents of the container image to identify an entry-point script, wherein the entry-point script is a first process being executed upon launching of an application container; identifying calls for any spawned process in the entry-point script; obtaining the respective executable file for each identified call; and generating a signature for each obtained executable file, wherein the spawned processes profile includes each generated signature.

  4. The method of claim 3, wherein generating each signature further comprises: computing any of a check-sum value and a hash value over the contents of the executable file.

  5. The method of claim 4, wherein monitoring the operation of the runtime execution of the application container further comprises: intercepting communications to and from the application container during the runtime execution of the application container, wherein each intercepted communication includes at least a call to execute a spawned process.

  6. The method of claim 5, wherein detecting the violation of the spawned process further comprises: capturing an executable file of the spawned process being called in each intercepted communication; generating a signature for each captured executable file; and comparing each generated signature to the respective signature saved in the spawned processes profile, wherein the violation of the spawned processes profile is detected based on a signature mismatch for at least one intercepted communication of the intercepted communications.

  7. The method of claim 1, wherein the container image is a static file, wherein the application container is a runtime instance of a software container executing a specific application.

  8. The method of claim 1, wherein generating the security profile further comprises: scanning at least one program identified in the container image to identify, for each scanned program, a callable unit; and mapping each identified callable unit to a respective system call, wherein each system call is triggered upon a runtime execution of the respective callable unit, wherein storing the mapping of callable units to system calls in the security profile.

  9. The method of claim 8, wherein the mapping is performed based on a mapping table, wherein the mapping table includes a list of callable units for a plurality of runtime processes and at least one matching system call for each callable unit of the list of callable units.

  10. A non-transitory computer readable medium having stored thereon instructions for causing a processing circuitry to execute a process, the process comprising: generating a security profile for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed at runtime by the application container, a signature of an executable file of the spawned process; monitoring operation of a runtime execution of the application container; and detecting a violation of the spawned processes profile based on the monitored operation.

  11. The non-transitory computer readable medium of claim 10, wherein the process further comprises: exporting the container image to a host device from an image registry, wherein the security profile is generated based on the container image stored in the host device without executing the container image on the host device.

  12. A system for securing execution of software containers, comprising: a processing circuitry; and a memory, the memory containing instructions that, when executed by the processing circuitry, configure the system to: generate a security profile for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed at runtime by the application container, a signature of an executable file of the spawned process; monitor operation of a runtime execution of the application container; and detect a violation of the spawned processes profile based on the monitored operation.

  13. The system of claim 12, wherein the system is further configured to: export the container image to a host device from an image registry, wherein the security profile is generated based on the container image stored in the host device without executing the container image on the host device.

  14. The system of claim 12, wherein the system is further configured to: scan contents of the container image to identify an entry-point script, wherein the entry-point script is a first process being executed upon launching of an application container; identify calls for any spawned process in the entry-point script; obtain the respective executable file for each identified call; and generate a signature for each obtained executable file, wherein the spawned processes profile includes each generated signature.

  15. The system of claim 14, wherein the system is further configured to: compute any of a check-sum value and a hash value over the contents of the executable file.

  16. The system of claim 15, wherein the system is further configured to: intercept communications to and from the application container during the runtime execution of the application container, wherein each intercepted communication includes at least a call to execute a spawned process.

  17. The system of claim 16, wherein the system is further configured to: capture an executable file of the spawned process being called in each intercepted communication; generate a signature for each captured executable file; and compare each generated signature to the respective signature saved in the spawned processes profile, wherein the violation of the spawned processes profile is detected based on a signature mismatch for at least one intercepted communication of the intercepted communications.

  18. The system of claim 12, wherein the container image is a static file, wherein the application container is a runtime instance of a software container executing a specific application.

  19. The system of claim 12, wherein the system is further configured to: scan at least one program identified in the container image to identify, for each scanned program, a callable unit; and map each identified callab
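
The static profiling of claims 3-4 and the runtime check of claims 5-6, as an added Python example that is not part of the patent or of any Twistlock product: the entry-point parsing rules, the bin-directory search, the stub image files and the simulated exec events are all assumptions made for illustration, and SHA-256 stands in for the claims' "check-sum value or hash value".

```python
import hashlib, shlex, tempfile
from pathlib import Path
SEPARATORS = {";", "&&", "||", "|", "&"}
BUILTINS = {"set", "export", "cd", "umask", "exit"}  # shell builtins spawn no process

def build_spawned_process_profile(rootfs, entrypoint, bin_dirs=("bin", "usr/bin")):
    # Static profiling (claims 3-4): parse the entry-point script offline (shlex drops
    # '#' comments incl. the shebang, keeps 'daemon off;' whole) and hash each spawned exe.
    profile = {}
    for line in Path(rootfs, entrypoint).read_text().splitlines():
        tokens = list(shlex.shlex(line, posix=True, punctuation_chars=True))
        segment = []
        for tok in tokens + [";"]:  # trailing ';' closes the last command on the line
            if tok not in SEPARATORS:
                segment.append(tok)
                continue
            argv, segment = (segment[1:] if segment[:1] == ["exec"] else segment), []
            if not argv or argv[0] in BUILTINS or argv[0][:1] in "()<>":
                continue
            cands = [argv[0]] if "/" in argv[0] else [f"/{d}/{argv[0]}" for d in bin_dirs]
            for path in cands:  # commands not shipped in the image cannot be profiled
                exe = Path(rootfs, path.lstrip("/"))
                if exe.is_file():
                    profile[path] = hashlib.sha256(exe.read_bytes()).hexdigest()
                    break
    return profile

def check_exec_event(profile, exe_path, exe_bytes):
    # Runtime enforcement (claims 5-6): compare the intercepted executable's hash with
    # the profile. None means the spawn is allowed, otherwise the violation is returned.
    expected = profile.get(exe_path)
    if expected is None:
        return f"unprofiled spawned process: {exe_path}"
    if hashlib.sha256(exe_bytes).hexdigest() != expected:
        return f"signature mismatch for {exe_path}"
    return None

def demo():
    # Constructed image: an entry-point script plus two stub "executables" (not real binaries)
    files = {"usr/bin/envsubst": b"#!/bin/sh\necho envsubst stub\n",
             "usr/bin/nginx": b"\x7fELF constructed nginx stub\n",
             "entrypoint.sh": b"#!/bin/sh\nset -e\nenvsubst < /tmpl > /etc/nginx.conf\n"
                              b"exec /usr/bin/nginx -g 'daemon off;'\n"}
    with tempfile.TemporaryDirectory() as rootfs:
        Path(rootfs, "usr/bin").mkdir(parents=True)
        for rel, data in files.items():
            Path(rootfs, rel).write_bytes(data)
        profile = build_spawned_process_profile(rootfs, "entrypoint.sh")
    events = [("/usr/bin/nginx", files["usr/bin/nginx"]),  # unmodified binary: allowed
              ("/usr/bin/nginx", b"\x7fELF tampered\n"), ("/bin/sh", b"#!/bin/sh\n")]  # violations
    return profile, [check_exec_event(profile, p, b) for p, b in events]
```

In a real deployment the exec events would come from the intercepted communications the claims describe (for example a seccomp or audit hook on execve), not from a constructed list.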

Assignees

Twistlock Ltd

Inventors

Classifications

  • G06F21/53 (primary): by executing in a restricted environment, e.g. sandbox or secure virtual machine (CPC title)

  • Test or assess software (CPC title)

  • G06F21/577 (primary): Assessing vulnerabilities and evaluating computer system security (CPC title)

Patent family

Related publications grouped by family.

External sources

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11640472B2 cover?
Execution of software containers is secured using security profiles. A security profile is generated for a container image, wherein the container image includes resources utilized to execute a corresponding application container, wherein the generated security profile includes at least a spawned processes profile, wherein the spawned processes profile includes, for each spawned process executed…
Who is the assignee on this patent?
Twistlock Ltd
What technology area does this patent fall under?
Primary CPC classification G06F21/53. Mapped technology areas include Physics.
When was this patent published?
Publication date May 2, 2023 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).