The Container Secure product is now being included in CloudPassage’s core Halo platform. The new addition secures container images, the running containers, and the container engine or host.
CloudPassage’s Halo platform automates workload security and compliance across public and hybrid clouds, data centers, servers, virtual machines (VMs), and containers. The new container product uses those components to focus its efforts on the container environment using a single platform and agent.
“Containers and its ecosystem represent an entirely new attack surface that is disrupting security and compliance processes as they are gaining rapid adoption,” explained Alok Ojha, senior director of products at CloudPassage, in a statement about the company’s focus for the new product.
CloudPassage had previously launched security benchmarks from the Center for Internet Security (CIS) for Docker containers within the Halo platform. That move allowed Halo to deploy agent software on every server or Docker instance, which then checks the instance’s configuration against golden image benchmarks; audits and reports activity; and can be used to manage access control and workload firewalls.
CloudPassage recently released a “Solution Brief” in which it describes the integration of its Halo platform with Sumo Logic’s machine data analytics capabilities. The combined efforts provide a security monitoring and closed-loop incident response solution for modern compute environments.
Sumo Logic earlier this week launched support across its container analytics tool for unified logs of root causes and performance issue metrics. The enhancements are designed to improve the customer experience for applications running on Kubernetes.
Container Security Challenges
Analysts noted the rapid adoption of containers is placing greater pressure on organizations to ensure they are securing their application development and deployment workflows.
“Containers are exploding in popularity because they’re fast and efficient,” said Doug Cahill, senior analyst at Enterprise Strategy Group, in a statement. “The rapid adoption of containers has created a strategic imperative to secure containers during build-time, before they are deployed into production, and then during run-time.”
Containers are considered secure because of their basic construct. They are small, and they often exist for only a brief period of time. Plus, specific platforms can be deployed to further bolster container security throughout their existence. These include container security services from vendors like CloudPassage.
Gartner has explained that container security concerns are often due to the deployment method and not necessarily the technology itself.
“Containers are not inherently unsecure, but they are being deployed in an unsecure manner by developers, with little or no involvement from security teams, and little guidance from security architects,” the analyst firm said. “Traditional network and host-based security solutions are blind to containers.”
The analyst firm recently forecast the cloud security services market will generate $5.9 billion in revenues this year, before nearing $9 billion in revenues in 2020.
A number of companies have announced plans around bolstering container and cloud security.
However, some are taking a proprietary approach. Capital One Financial last week released a beta version of its Critical Stack container orchestration platform promising increased security compared with traditional offerings.
Critical Stack President Liam Randall said Kubernetes is a good first step for organizations looking to tackle container orchestration. However, it continues to lack the depth of support for more detailed deployments.
“Kubernetes solves the first half of the container orchestration challenge for the enterprise,” Randall said. “If you’re an enterprise, you’ve got a whole host of other concerns that remain unanswered that you must solve – security, compliance, and enterprise integration.”