VMware Pioneers Modern Security for Modern Applications from Development to ProductionDate : March 1, 2022
This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20220301005351/en/
Source: VMworld 2021 – Innovations in Better Securing Modern Applications
Containerized applications present unique runtime security challenges, including how to only allow legitimate traffic in, how to enable least-privileged communications between services and defend against the lateral movement of attackers, and how to validate that the workload itself is operating within the expected guardrails.
“At VMware, we aspire to be the best in the world at protecting applications from within,” said
Announcing Container Runtime Protection to Enhance End-to-End Security for Cloud-Native Workloads
As threat actors increasingly launch attacks targeting containers, 97 percent of technology leaders surveyed by
VMware’s new container runtime security capabilities include:
- Runtime cluster image scanning enables security and DevOps teams to automate runtime vulnerability scanning and customize policies to reduce risk and ensure images used in running containers are secure. This expansion for image scanning capabilities allows for images to be scanned in Kubernetes clusters, whether they are on-premises or in the cloud.
- Integrated alerts dashboard provides a single pane of glass for security teams to view events and address anomalies in their runtime environment, and enable faster investigation and correlation of events from both host and container layers.
- Kubernetes visibility mapping allows DevOps and security teams to quickly understand the architecture of an application that was set pre-deployment to better identify egress destination connections, potential workload policy violations, and vulnerable images.
- Workload anomaly detection leverages artificial intelligence to standardize networking modules and alert SecOps teams on any deviation from that module, which is critical when setting up new workloads.
- Egress and ingress security provide security teams with added visibility into the external source that is reaching out to the Kubernetes service and easier detection of malicious egress connectivity based on the IP address and the behavioral data.
- Threat detection allows customers to scan open ports to check for vulnerabilities and quickly see if there is a lateral attack in progress. If an attacker tries to exploit a vulnerability to find the next lateral move, the internal port scan and egress port scan will raise an alert.
Attackers often attempt to hide in the noise of an environment, so container runtime security helps to reduce the noise and alert on real, active events, or block the events immediately while minimizing impact to the application and user experience. By consolidating these events to a single dashboard, security teams can accelerate their investigation into incidents impacting endpoints, virtual machine workloads, and containerized workloads. This provides VMware’s customers with a better understanding their overall security posture while reducing alert fatigue, effectively managing risk, and easing enforcement of compliance.
VMware Breaks Down Silos for More Secure Applications
According to a recent study, 70 percent of developer and security managers believe better alignment between their teams creates more secure applications2. VMware Cross-Cloud services helps customers reduce team silos to accelerate the development lifecycle and enable security to be built in from the beginning. For example, VMware Carbon Black is highly complementary with VMware Tanzu solutions in addressing the security challenges of modern applications. Together, the two solutions enable more secure applications and simplify operations for security and DevOps teams.
Discovery Limited is a financial services organization that operates in the healthcare, life assurance, short-term insurance, savings and investment and wellness markets.
“Security is a top priority for our organization given we provide services globally to make people healthier and enhance and protect people’s lives,” said
OpenX is a pioneering leader in advertising technology, helping create a world where the open web thrives.
“As the only 100% cloud-based ad exchange in the industry, we require strong security to protect our Google Kubernetes Engine (GKE) environment,” said
Container runtime protection is currently available through the VMware Carbon Black Cloud Container Advanced Bundle. For more information, please visit our website.
The State of Kubernetes 2021, VMware Tanzu survey of 357 software development and IT professionals with responsibility for Kubernetes at companies with 1,000 or more employees,
May 5, 2021
Bridging the Developer and Security Divide,
Forrester Consultingon behalf of VMware, September 22, 2021