Security
NeuVector has a new approach to securing Docker containers
Wednesday, February 1, 2017
|
Richard Harris |
NeuVector has announced the launch and availability of a new approach to securing Docker containers. With constant behavioral learning automatically applied to security policies for containers, the platform secures containers where they have been most vulnerable: in production environments where they are constantly being deployed, updated, moved, and scaled across hosts and data centers. Companies with production Docker deployments (or who are evaluating container-based applications) can quickly test-drive their solution to stronger and faster container security.
Their solution for container security is itself a container. The application automatically learns and whitelists normal behavior to protect environments even as containers scale up and down. Through this built-in continuous application and network intelligence, NeuVector is providing application layer segmentation that completely isolates container traffic. Any abnormal connections can then be proactively and automatically detected and blocked before causing harm. It completes its solution with runtime vulnerability scanning across all running containers and hosts, and includes threat detection for attacks such as DDoS, DNS, and others.
Uniquely, their no-configuration security container can see all network traffic and instantly correlate with application behavior to determine threats and violations. Also, unlike other false-positive-prone container security offerings, the solution can block only suspicious container traffic without affecting good traffic to the container.
Their solution for container security is itself a container. The application automatically learns and whitelists normal behavior to protect environments even as containers scale up and down. Through this built-in continuous application and network intelligence, NeuVector is providing application layer segmentation that completely isolates container traffic. Any abnormal connections can then be proactively and automatically detected and blocked before causing harm. It completes its solution with runtime vulnerability scanning across all running containers and hosts, and includes threat detection for attacks such as DDoS, DNS, and others.
“Coming from a traditional network security background, we quickly realized that existing approaches are not adaptable to container environments – they don’t transfer well, and other solutions are slow and incomplete,” said Fei Huang, CEO, NeuVector. “In order for security teams to keep up with DevOps, they can’t be running around inspecting iptables and updating rules. What we’ve designed is a security container that is intelligent enough to understand – in real-time – what applications are doing. There’s not a faster, easier, and more secure way to ensure Docker container environments are protected from unwanted or malicious traffic.”
Uniquely, their no-configuration security container can see all network traffic and instantly correlate with application behavior to determine threats and violations. Also, unlike other false-positive-prone container security offerings, the solution can block only suspicious container traffic without affecting good traffic to the container.
Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.
MEMBERS GET ACCESS TO
- - Exclusive content from leaders in the industry
- - Q&A articles from industry leaders
- - Tips and tricks from the most successful developers weekly
- - Monthly issues, including all 90+ back-issues since 2012
- - Event discounts and early-bird signups
- - Gain insight from top achievers in the app store
- - Learn what tools to use, what SDK's to use, and more
Subscribe here
