Cloud-based IT, security and compliance solutions provider Qualys has announced Container Runtime Security, which provides runtime defence capabilities for containerised applications.
This approach instruments a very lightweight snippet of Qualys code into the container image, enabling policy-driven monitoring, detection and blocking of container behaviour at runtime. It removes the need for the sidecar and privileged containers that other security solutions rely on, which are cumbersome to manage and administer on host nodes and do not work in container-as-a-service environments. Once instrumented into the image, Qualys Container Runtime Security works within each container wherever that container is instantiated and needs no additional administration containers. The solution addresses, in real time, container security use cases such as critical file-access monitoring and blocking, network micro-segmentation, vulnerability and exploit mitigation, and virtual patching.
Now security teams can implement a comprehensive container security program with a single solution that includes vulnerability management, and detection and response across the build-ship-run container pipeline. With Qualys Container Runtime Security, customers can:
- Perform comprehensive, policy-driven monitoring and blocking of container runtime behaviour including file access, network communications and process behaviours
- Create granular custom behavioural policies, use policies from the built-in policy library or automatically generate policies based on learned container behaviours
- Instrument container images in the CI/CD build pipeline with a “follow the image” instrumentation approach, which provides standardised, guaranteed container runtime security across all types of container environments, including Docker, Kubernetes, AWS Elastic Kubernetes Service, AWS Elastic Container Service, Azure Kubernetes Service and Google Kubernetes Engine, as well as container-as-a-service environments such as Azure Container Instances, AWS Fargate and Google Cloud Run.
“Detection and Response in a single application across the container DevOps pipeline is key to effectively securing the containerised applications, as the high-velocity DevOps container pipeline can be exploited by malicious actors at runtime,” said Philippe Courtot, chairman and CEO of Qualys. “Therefore, we must build security into cloud workloads and extend protection into running containers. Qualys brings defence capabilities to our Container Security solution with the addition of policy-driven behaviour detection and response capabilities to protect running containers on-premises, in private clouds or in container-as-a-service public clouds.”
Built on the Qualys Cloud Platform, Qualys Container Security discovers, tracks and secures containers from build to runtime. Container Security continuously flags and responds to security and compliance issues in containers across a hybrid IT environment. The addition of runtime protection extends these capabilities, delivering full, granular visibility into running containers and the ability to enforce policies that govern container behaviour. As a result, customers can immediately detect and act on containers that have drifted from their parent images and may therefore pose a security risk through vulnerabilities or misconfigurations.
The Qualys Container Security solution with runtime capabilities is now available.