Cloud workload protection with container security

Issue 2 2021 IT infrastructure

VMware this month unveiled expanded cloud workload protection capabilities to deliver security for containers and Kubernetes. The new solution will help increase visibility, enable compliance and enhance security for containerised applications from build to production in public cloud and on-premises environments.

“Containers and Kubernetes are enabling organisations to develop and modernise applications faster than ever, but the innovation is also expanding the attack surface,” said Patrick Morley, senior vice president and general manager, Security Business Unit, VMware. “Our solution extends security to containers and Kubernetes to deliver a comprehensive cloud workload protection platform. With security built into the development and deployment of applications, we are bridging the gap between the SOC and DevOps teams to help our customers reduce the risks that come with running containers across clouds.”

For many organisations, migrating to the cloud has had to happen quickly and at a large scale to ensure business continuity amid the global pandemic. Development teams are looking to containers and Kubernetes for speed and the ability to scale application delivery. According to Gartner, “by 2025, more than 85% of global organisations will be running containerised applications in production, which is a significant increase from fewer than 35% in 2019,” (Gartner, Best Practices for Running Containers and Kubernetes in Production, Arun Chandrasekaran, August 2020). Organisations now need security for modern workloads to address a new set of threats and build resilient digital infrastructure.

VMware’s expanded cloud workload protection capabilities will deliver a comprehensive solution for InfoSec teams including:

Security posture dashboard: Provides a combined view of vulnerabilities and misconfigurations to enable complete visibility into security posture across Kubernetes workload inventory. InfoSec and DevOps teams can gain deep visibility into workload security posture and governance to enable compliance, with the ability to freely explore Kubernetes workload configuration via customised queries.

Container image scanning and hardening: InfoSec and DevOps teams can scan all container images to identify vulnerabilities and restrict the registries and repositories that are allowed in production. Teams can set minimum standards for security and compliance, generate compliance reports and follow CIS benchmarks and Kubernetes best practices.

Prioritised risk assessment: Vulnerability assessments allow InfoSec and DevOps teams to review images running in production and only approved images are deployed. Security teams can use the prioritised risk assessment to detect and prevent vulnerabilities by scanning Kubernetes manifests and clusters.

Compliance policy automation: InfoSec teams can shift-left into the development cycle, streamline compliance reporting and automate policy creation against industry standards such as NIST, as well as the customer’s organisational requirements. This enables the integrity of Kubernetes configurations through control and visibility of workloads that are deployed to an organisation’s clusters. Customisable policies help enforce configuration by blocking or alerting on exceptions.

The future of intrinsic security

The container security module complements the VMware Tanzu portfolio. Select Tanzu editions include a global control plane for centralised management of all aspects of cluster lifecycle, including policies for access, data protection, and more. Customers can now add powerful security for containers and Kubernetes applications while simplifying operations for InfoSec and DevOps teams.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cyber resilience is more than cybersecurity
Technews Publishing Cyber Security Integrated Solutions IT infrastructure
Hi-Tech Security Solutions held a round-table discussion focusing on cyber resilience and found that while the resilience discipline includes cybersecurity, it also goes much further.

Read more...
Reliable, low-maintenance video appliances
Technews Publishing Editor's Choice CCTV, Surveillance & Remote Monitoring News IT infrastructure Products
Symetrix, part of the Agera Group, has added the AES range of video recording servers, storage appliances and workstations to its portfolio.

Read more...
Infinidat a leader in ransomware protection
IT infrastructure Products
InfiniSafe brings together the key foundational requirements essential for delivering comprehensive cyber-recovery capabilities with immutable snapshots, logical air-gapped protection, a fenced forensic network, and near-instantaneous recovery of backups of any repository size.

Read more...
What’s the difference between SASE, SD-WAN and SSE?
IT infrastructure
When it comes to the wide area network (WAN), the letter ‘S’ plays a pivotal role – from SASE to SD-WAN to SSE – but there can be some confusion with so many WAN ‘S’ acronyms.

Read more...
Cold chain integrity in real time
Technews Publishing Editor's Choice Asset Management, EAS, RFID IT infrastructure Transport (Industry) Logistics (Industry)
DeltaTrak offers real-time farm-to-fork IoT monitoring of the cold chain to ensure every step of the journey is recorded and verifiable via the cloud.

Read more...
BCX and Alibaba Cloud confirm partnership
News IT infrastructure
BCX and Alibaba Cloud have formed a partnership to bring cloud technologies to businesses in South Africa to drive local digitalisation.

Read more...
IoV – the cutting edge of vehicle automation
Integrated Solutions IT infrastructure Transport (Industry) Logistics (Industry)
Today’s cars have become bona fide connected machines and not merely an extension of our mobile devices such as smartphones.

Read more...
Advanced technologies to curb corruption
News Cyber Security IT infrastructure
The use of advanced technology to curb fraud, corruption and cyber-related crimes received a massive boost as the Council for Scientific and Industrial Research (CSIR) and Special Investigation Unit (SIU) agreed to work together.

Read more...
DMaaS is the solution to hybrid cloud complexity woes
IT infrastructure
After an initial scramble to move everything to the cloud, companies are increasingly moving to a hybrid cloud environment, with a mix of private and public cloud infrastructure and services, coupled with on-premises storage.

Read more...
The current and future state of smart OT security
Technews Publishing Industrial (Industry) Cyber Security IT infrastructure
Nearly 60% of survey respondents also revealed that their organisation suffered at least one OT breach during the past 12 months, with 10% experiencing four or more.

Read more...