Cloud workload protection with container security

Issue 2 2021 IT infrastructure

VMware this month unveiled expanded cloud workload protection capabilities to deliver security for containers and Kubernetes. The new solution will help increase visibility, enable compliance and enhance security for containerised applications from build to production in public cloud and on-premises environments.

“Containers and Kubernetes are enabling organisations to develop and modernise applications faster than ever, but the innovation is also expanding the attack surface,” said Patrick Morley, senior vice president and general manager, Security Business Unit, VMware. “Our solution extends security to containers and Kubernetes to deliver a comprehensive cloud workload protection platform. With security built into the development and deployment of applications, we are bridging the gap between the SOC and DevOps teams to help our customers reduce the risks that come with running containers across clouds.”

For many organisations, migrating to the cloud has had to happen quickly and at a large scale to ensure business continuity amid the global pandemic. Development teams are looking to containers and Kubernetes for speed and the ability to scale application delivery. According to Gartner, “by 2025, more than 85% of global organisations will be running containerised applications in production, which is a significant increase from fewer than 35% in 2019,” (Gartner, Best Practices for Running Containers and Kubernetes in Production, Arun Chandrasekaran, August 2020). Organisations now need security for modern workloads to address a new set of threats and build resilient digital infrastructure.

VMware’s expanded cloud workload protection capabilities will deliver a comprehensive solution for InfoSec teams including:

Security posture dashboard: Provides a combined view of vulnerabilities and misconfigurations to enable complete visibility into security posture across Kubernetes workload inventory. InfoSec and DevOps teams can gain deep visibility into workload security posture and governance to enable compliance, with the ability to freely explore Kubernetes workload configuration via customised queries.

Container image scanning and hardening: InfoSec and DevOps teams can scan all container images to identify vulnerabilities and restrict the registries and repositories that are allowed in production. Teams can set minimum standards for security and compliance, generate compliance reports and follow CIS benchmarks and Kubernetes best practices.

Prioritised risk assessment: Vulnerability assessments allow InfoSec and DevOps teams to review images running in production and only approved images are deployed. Security teams can use the prioritised risk assessment to detect and prevent vulnerabilities by scanning Kubernetes manifests and clusters.

Compliance policy automation: InfoSec teams can shift-left into the development cycle, streamline compliance reporting and automate policy creation against industry standards such as NIST, as well as the customer’s organisational requirements. This enables the integrity of Kubernetes configurations through control and visibility of workloads that are deployed to an organisation’s clusters. Customisable policies help enforce configuration by blocking or alerting on exceptions.

The future of intrinsic security

The container security module complements the VMware Tanzu portfolio. Select Tanzu editions include a global control plane for centralised management of all aspects of cluster lifecycle, including policies for access, data protection, and more. Customers can now add powerful security for containers and Kubernetes applications while simplifying operations for InfoSec and DevOps teams.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Storage solutions for surveillance
CCTV Handbook 2021, Technews Publishing, Forbatt SA, Duxbury Networking , IT infrastructure
When it comes to storage, simply knowing where your video is stored, how to access it quickly and how to handle the large amount of data is a complex task.

Read more...
Surveillance-enhanced hard drives
CCTV Handbook 2021 , IT infrastructure
New WD Purple Pro product line brings elevated performance, workload capability and reliability to advanced AI-enabled recorders and video analytics server applications.

Read more...
Can you hack-proof the cloud?
CCTV Handbook 2021 , IT infrastructure
The cost and impact of cybercrime is climbing by around 15% every year and by 2025 it’s expected to cost $10,5 trillion globally. This makes cybercrime more profitable than the global illegal drug trade.

Read more...
Fast data recovery
Issue 3 2021 , IT infrastructure
The new InfiniGuard CyberRecovery capabilities provide transparent protection of the entire backup environment. It features immutable snapshots and near-instantaneous recovery to previous points-in-time based on customer-defined policies.

Read more...
Data protection is a top priority
Issue 3 2021, Commvault , IT infrastructure
The global Covid-19 pandemic significantly accelerated the adoption of cloud technologies around the world, but particularly in South Africa, making disaster recovery and cloud data protection top priorities.

Read more...
Dicentis Flush
Issue 3 2021, Bosch Building Technologies , Products, IT infrastructure
Bosch adds modular product range with installation convenience to its IP-based conference portfolio, allowing easy system scalability with the option of cost-saving dual-seat setups with microphone sharing.

Read more...
PoPIA: Time Is up
Issue 3 2021 , Security Services & Risk Management, IT infrastructure
The Protection of Personal Information Act (PoPIA) comes into full effect on 1 July 2021 and there remains much confusion and ambiguity regarding its definitions, requirements and enforcement.

Read more...
Integrated online SIM management platform
Issue 3 2021, Flickswitch , IT infrastructure
Whether it is rail carriages, construction equipment, shipping containers or any other non-powered asset, without an automated tracking system, it is very difficult to control the vehicles and assure their security.

Read more...
Surveillance business models are changing
CCTV Handbook 2021, Technews Publishing, Eagle Eye Networks, Bosch Building Technologies, Dahua Technology South Africa, Genetec , Editor's Choice, CCTV, Surveillance & Remote Monitoring, Cyber Security, Integrated Solutions, IT infrastructure
The CCTV Handbook round table highlighted the changes that are happening in the surveillance and security world in general, from cloud to costing models and of course, cybersecurity.

Read more...
SA enterprises have a resiliency gap
Issue 3 2021 , IT infrastructure
With the integrity of data at stake through increased cyberattacks and an increasing push to regulate how enterprises meet data compliance, businesses cannot ignore their backup and recovery strategies.

Read more...