The new solution ensures complete visibility and protection of applications running in all container-based environments. even in as-a-service mode
Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of highly innovative cloud-based IT security and compliance solutions, unveiled Container Runtime Security, a feature that ensures execution-level defense capabilities for containerized applications.
This revolutionary approach uses a small portion of Qualys code in the container image, allowing you to check its status and block unwanted behavior. This functionality eliminates the need for premium containers or sidecars, which are complex to manage and cannot function in an as-a-service environment.
Once activated, the solution will work in any environment without requiring additional elements. This allows to address in real time typical cases of Container secutity such as, for example, file access control, network micro segmentations, vulnerability and exploit mitigation and virtual patching.
“At Zoom, we continue to improve our global security program that begins with prevention, detection and responsiveness for all workloads,” he says. Randolph Barr, Head of Security Operations on Zoom". Applying security best practices, mitigating attacks and managing monitoring are important for container runtime security. Qualys Container Runtime Security will become an indispensable tool for extending detection and response capabilities to workloads running on any container infrastructure ”.
Today it is possible to develop a complete container security program, adopting a single solution that includes vulnerability management, detection and response through an ongoing process that covers all stages of the development cycle.
With Qualys Container Runtime Security, customers can:
- Carefully check the behavior of running containers, being able to decide what to check and block, for example, in relation to access to files, network communications and the behavior of individual processes.
- Create granular and customized policies, or use the integrated library rather than setting a policy based on the behaviors observed by the system
- Equip container images in the CI / CD development pipeline with an innovative "follow the image" approach that enables standardized and guaranteed security of containers running in any environment (Docker, Kubernetes, AWS EKS / ECS, Azure AKS, Google GKE ), including those without servers such as Azure Container Instances, AWS Fargate, and Google CloudRun.
“The growth of Kubernetes comes at a time when we are able to solve many of the problems of the IT infrastructure and software development. However, new tools are needed to secure containers, as developing container-based applications requires a completely different approach to software, "he said. Frank Dickson, Program Vice President Security Products di IDC. "Kubernetes can be managed as an immutable infrastructure, however, the reality is that container configurations can deviate during execution. Qualys' approach allows security to monitor the container image with integrated instrumentation, enabling visibility and rule enforcement to running containers. This strategy facilitates the "follow the container" approach, providing DevOps and development managers with future-proof protection as applications migrate to more mature and managed environments such as Docker, Kubernetes, AWS Fargate and others.
"The detection and response functions in a single application through the container development pipeline is the key to securing containerized applications, as this same high-speed pipeline can be exploited by malicious people during execution," he says Philippe Courtot, Chairman and CEO Qualys. "Therefore, we need to increase security in cloud workloads and extend protection to running containers." Qualys extends defense capabilities in our Container Security solution by adding policy-driven response and behavior detection capabilities to protect containers operating in on-premise environments, public clouds, or public cloud containers as -a-service ".
For more information on the Qualys Container Security solution and to request a demo, sign up for the virtual conference Qualys Security Conference (November 9-24).
Qualys Container Security
Built on the Qualys Cloud Platform, Qualys Container Security discovers, tracks and protects containers from development to runtime. Container Security continuously reports and responds to security and compliance issues in containers across the hybrid IT environment. The implementation of runtime protection extends these capabilities and provides a complete and granular visibility during a container execution, allowing you to control and monitor the execution according to different rules. As a result, it is possible to recognize a deviation from the expected behavior that potentially creates a security risk due to a vulnerability or misconfiguration.
