Cloud workload protection with container security

Issue 2 2021 Infrastructure

VMware this month unveiled expanded cloud workload protection capabilities to deliver security for containers and Kubernetes. The new solution will help increase visibility, enable compliance and enhance security for containerised applications from build to production in public cloud and on-premises environments.

“Containers and Kubernetes are enabling organisations to develop and modernise applications faster than ever, but the innovation is also expanding the attack surface,” said Patrick Morley, senior vice president and general manager, Security Business Unit, VMware. “Our solution extends security to containers and Kubernetes to deliver a comprehensive cloud workload protection platform. With security built into the development and deployment of applications, we are bridging the gap between the SOC and DevOps teams to help our customers reduce the risks that come with running containers across clouds.”

For many organisations, migrating to the cloud has had to happen quickly and at a large scale to ensure business continuity amid the global pandemic. Development teams are looking to containers and Kubernetes for speed and the ability to scale application delivery. According to Gartner, “by 2025, more than 85% of global organisations will be running containerised applications in production, which is a significant increase from fewer than 35% in 2019,” (Gartner, Best Practices for Running Containers and Kubernetes in Production, Arun Chandrasekaran, August 2020). Organisations now need security for modern workloads to address a new set of threats and build resilient digital infrastructure.

VMware’s expanded cloud workload protection capabilities will deliver a comprehensive solution for InfoSec teams including:

Security posture dashboard: Provides a combined view of vulnerabilities and misconfigurations to enable complete visibility into security posture across Kubernetes workload inventory. InfoSec and DevOps teams can gain deep visibility into workload security posture and governance to enable compliance, with the ability to freely explore Kubernetes workload configuration via customised queries.

Container image scanning and hardening: InfoSec and DevOps teams can scan all container images to identify vulnerabilities and restrict the registries and repositories that are allowed in production. Teams can set minimum standards for security and compliance, generate compliance reports and follow CIS benchmarks and Kubernetes best practices.

Prioritised risk assessment: Vulnerability assessments allow InfoSec and DevOps teams to review images running in production and only approved images are deployed. Security teams can use the prioritised risk assessment to detect and prevent vulnerabilities by scanning Kubernetes manifests and clusters.

Compliance policy automation: InfoSec teams can shift-left into the development cycle, streamline compliance reporting and automate policy creation against industry standards such as NIST, as well as the customer’s organisational requirements. This enables the integrity of Kubernetes configurations through control and visibility of workloads that are deployed to an organisation’s clusters. Customisable policies help enforce configuration by blocking or alerting on exceptions.

The future of intrinsic security

The container security module complements the VMware Tanzu portfolio. Select Tanzu editions include a global control plane for centralised management of all aspects of cluster lifecycle, including policies for access, data protection, and more. Customers can now add powerful security for containers and Kubernetes applications while simplifying operations for InfoSec and DevOps teams.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Hytera supports communication upgrade for Joburg
News & Events Infrastructure Government and Parastatal (Industry)
By equipping Johannesburg’s metro police and emergency services with multimode radios which integrate TETRA and LTE networks, Hytera is bridging coverage gaps and improving response times across the city.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
IoT-driven smart data to stay ahead
IoT & Automation Infrastructure AI & Data Analytics
In a world where uncertainty is constant, the real competitive edge lies in foresight. Businesses that turn real-time data into proactive strategies will not just survive, they will lead.

Read more...
Hydrogen is green but dangerous
Fire & Safety Infrastructure Power Management
Hydrogen infrastructure is developing quickly, but it comes with safety challenges. Hydrogen is flammable, and its small molecular size means it can leak easily. Additionally, fires caused by hydrogen are nearly invisible, making them difficult to detect and respond to.

Read more...
A whole-site solution to crack the data centre market
Fire & Safety Infrastructure Facilities & Building Management
Fire safety consultants and contractors who can offer a comprehensive fire safety solution to the data centre market can establish themselves as a supplier of a key safety features that help guarantee the smooth operation of critical infrastructure.

Read more...
Wireless network security market
Infrastructure
The wireless network security market is experiencing significant growth, driven by the increasing adoption of wireless technologies, a surge in cyberthreats, and rising demand for secure data transmission.

Read more...
Acronis and Metrofile Cloud announce partnership
Infrastructure Integrated Solutions
Acronis has appointed Metrofile Cloud as its premier disaster recovery (DR) partner in southern Africa, combining Acronis' technologies with Metrofile Cloud's local expertise to deliver secure and adaptable disaster recovery solutions for businesses across the region.

Read more...
Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
The hidden cost of cheap networking gear
Duxbury Networking Infrastructure
When it comes to building a network, price is always a consideration, especially in the current economic climate, but there is a difference between smart spending and short-term savings with long-term losses.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.