From virtual servers and data centers to public and private cloud workloads, containers are increasingly used and demand protection. Leading enterprises are bringing together their application development teams, IT operations and their security team to help the business deliver automated, secured applications to market quicker. Trend Micro connects teams with technology tools that bake security into the process while meeting compliance needs and reducing risk.
“While customers have been securing their containers with our technology for a couple of years now, we are proud to significantly expand our offering,” said Steve Quane, Executive Vice President, Network Defense and Hybrid Cloud Security for Trend Micro. “Unlike many of the one-off point solutions crowding the market, our offering provides automated build-pipeline container image scanning, and extensive runtime protection providing full visibility and control. What is strikingly unique is our consolidated tool for container plus workload security in every environment.”
Senior analyst and group director Doug Cahill at Enterprise Strategy Group believed, “Developers might be surprised by the scope of this new offering. The on-going deployment of application containers into production environments requires that the entire build-ship-run continuum be secured. As such, protection across the CI/CD pipeline for container environments must include the ability to the detect vulnerabilities, secrets, malware, and misconfigurations for early protection at build time, while delivering critical threat protection across on-prem and cloud host, orchestration and container layers at runtime.”
The new features available now in Trend Micro’s container security solution include:
1) Securing across the complete DevOps lifecycle
Within the software build-pipeline, Trend Micro has extended its container image scanning to include pre-registry scanning, providing earlier detection of vulnerabilities and malware over and above scanning the trusted registry for any future threats. Deep Security will now also scan for embedded secrets such as passwords and private keys and provide compliance and configuration validation checks, along with image assertion for digitally signed images.
2) Securing across the entire stack
At runtime of the container, Trend Micro has boosted container platform protection across Docker and Kubernetes. Deep Security has long ensured protection for the host and containers at runtime. This includes intrusion prevention system (IPS) rules, integrity monitoring to detect compromised instances of the platform, as well as log inspection.
To ensure complete protection, Trend Micro inspects all lateral and horizontal traffic movement (east, west, north, south) between containers and platform layers like Kubernetes and Docker.
3) Securing while granting full control
To increase automation and decrease manual tasks, security and operations teams using Trend Micro can now use any command shell to execute the application program interfaces (APIs). This additional option ensures full control of deploying policies, automation of monitoring, reporting and more. This completely new set of representational state transfer APIs have been written to automate security for application development and operations teams across the container orchestration tools and runtime environments.