Published on April 8th, 2021 📆 | 1568 Views ⚑0
VMware adds container and Kubernetes security to its advanced cloud workload protection | Cloud
Cloud and software specialist, VMware, has unveiled a series of expanded cloud workload protection capabilities that deliver security for containers and Kubernetes.
In a statement to the press, VMWare confirmed that the new solution will help increase visibility, enable compliance and enhance security for containerised applications from build to production in public cloud and on-premises environments.
ALSO IN THE NEWS: IBM Cloud for Financial Services now offers support for cloud native applications
“Containers and Kubernetes are enabling organisations to develop and modernise applications faster than ever, but the innovation is also expanding the attack surface,” said Patrick Morley, senior vice president and general manager, Security Business Unit, VMware.
“Our solution extends security to containers and Kubernetes to deliver one of the industry’s most comprehensive cloud workload protection platforms. With security built into the development and deployment of applications, we are bridging the gap between the SOC and DevOps teams to help our customers reduce the risks that come with running containers across clouds.”
The global Covid-19 pandemic has expedited the digital transformation of the enterprise tech sector, with companies having to scale up their remote access capabilities. In these instances, migrating to the cloud has had to happen quickly and at a large scale to ensure business continuity amid the global pandemic. Development teams are looking to containers and Kubernetes for speed and the ability to scale application delivery. According to Gartner, “by 2025 more than 85% of global organisations will be running containerised applications in production, which is a significant increase from fewer than 35% in 2019.”
VMware’s expanded cloud workload protection capabilities will deliver a comprehensive solution for InfoSec teams.
Security Posture Dashboard: Provides a combined view of vulnerabilities and misconfigurations to enable complete visibility into security posture across Kubernetes workload inventory. InfoSec and DevOps teams can gain deep visibility into workload security posture and governance to enable compliance, with the ability to freely explore Kubernetes workload configuration via customised queries.
Container Image Scanning and Hardening: InfoSec and DevOps teams can scan all container images to identify vulnerabilities and restrict the registries and repositories that are allowed in production. Teams can set minimum standards for security and compliance, generate compliance reports and follow CIS benchmarks and Kubernetes best practices.
Prioritised Risk Assessment: Vulnerability assessments allow InfoSec and DevOps teams to review images running in production and only approved images are deployed. Security teams can use the prioritised risk assessment to detect and prevent vulnerabilities by scanning Kubernetes manifests and clusters.
Compliance Policy Automation: Infosec teams can shift-left into the development cycle, streamline compliance reporting, and automate policy creation against industry standards such as NIST, as well as the customer’s organisational requirements. This enables the integrity of Kubernetes configurations through control and visibility of workloads that are deployed to an organisation’s clusters. Customisable policies help enforce configuration by blocking or alerting on exceptions.
originally appeared on Source link