VMware is coming into the race to secure modern, cloud-native environments by incorporating container runtime security to its Carbon Black Container safety solution, which it launched in April 2021.
Defending cloud-native environments at runtime is presenting developers and stability experts with a complete new set of security criteria, primary them further than just hardening a Kubernetes cluster and into the realms of dynamic vulnerability scanning, identification management, and obtain controls.
Due to the fact containers are remaining spun up and down all the time, securing container environments is relatively difficult, with a have to have for better visibility and automation to hold containers secure and compliant at all situations.
To fulfill these difficulties, VMware is adding the following characteristics to its Carbon Black Container stability solution:
- Runtime cluster graphic scanning: Security or devops teams can automate runtime vulnerability scanning and customise procedures to aid be certain container pictures are generally safe.
- Integrated alerts dashboard: To perspective events and anomalies in a runtime environment for a lot more successful investigation, correlation, and resolution of safety activities.
- Kubernetes visibility mapping: Watch the architecture of an software to superior comprehend place connections, prospective workload policy violations, and vulnerable illustrations or photos.
- Workload anomaly detection: Standardize networking modules and warn protection groups to deviations.
- Egress and ingress security: Extra visibility into any external source that is achieving out to a Kubernetes assistance for a lot easier detection of malicious egress connectivity centered on the IP handle and the behavioral details.
- Threat detection: Scans open ports to check for vulnerabilities and speedily see if there is a lateral attack in progress.
“Protecting the runtime is the foundation of securing the inner workings of a modern application,” Tom Gillis, normal manager for networking and innovative stability at VMware, stated in a assertion. “With the introduction of container runtime security, our close-to-close protection featuring is now tightly built-in across the total software lifecycle, safeguards all east-west site visitors, and delivers a new stage of distributed visibility and protection to APIs.”
This need for greater runtime safety has led to a rapid-growing ecosystem of startups and safety suppliers, like startups like Deepfence, Sysdig, Aqua Stability, Anchore, and Lacework, as perfectly as vendors who have acquired these abilities, this kind of as Palo Alto Networks’ TwistLock, Crimson Hat’s StackRox, and Suse’s NeuVector.
Container runtime safety is accessible instantly for advanced bundle prospects of VMware’s Carbon Black Container.
Copyright © 2022 IDG Communications, Inc.