NeuVector in the News / NeuVector Press Releases

Image

Accelerating Security Innovation at SUSE

Today, we are very excited to announce the acquisition of NeuVector, a leader in full lifecycle container security that delivers end-to-end security, from DevOps pipeline vulnerability protection to automated security and compliance in production. With this acquisition, NeuVector significantly enhances the enterprise-grade security capabilities in the SUSE Rancher container management platform.

Read article
Image

NeuVector Granted New Patents for Unique Container Security Capabilities

NeuVector, the leader in Full Lifecycle Container Security, today announced that it has been granted two new patents for its industry-first Container Lifecycle Risk Scoring and Service Mesh Protections. NeuVector is making the announcement at KubeCon + CloudNativeCon North America, held October 11-16.

The patents recognize NeuVector’s Container Lifecycle Risk Scoring and Service Mesh Protections as unique and groundbreaking container security technologies.

Read article
Image

NeuVector CEO Stephanie Fohn Wins Gold GLOBEE® for Enterprise Technology Leadership

NeuVector, the leader in Full Lifecycle Container Security, today announced that CEO Stephanie Fohn has earned the Gold GLOBEE® Award for Female CEO of the Year among enterprise technology companies with fewer than 2,500 employees.

The GLOBEE adds to Fohn’s recent accolades for executive leadership in the security industry, which includes recognition from the Stevie®Awards, the Global InfoSec Awards presented by Cyber Defense Magazine, and the Black Unicorn Awards.

Read article
Image

Lessons learned securing Kubernetes in the cloud

For any company exploring the potential of the cloud and Kubernetes, adopting infrastructure as code, security as code, and automation will be essential.

To protect application development and deployment, every stage of the CI/CD pipeline needs to be continuously scanned for critical vulnerabilities or misconfigurations (hence NeuVector), from the build phase all the way through to production

 

Read article
Image

KubeCon 2021 Q&A: NeuVector Will Showcase Container Security and Compliance, and a New Kubernetes Configuration Assessment Tool

Read this exclusive KubeCon pre-show interview between VMblog and Glen Kosaka, the VP of Product Management at NeuVector, a container security company.

NeuVector empowers global organizations to fully secure their container infrastructures without compromising business velocity.  For security, DevOps, and infrastructure teams, the NeuVector continuous container security and compliance platform simplifies data protection from pipeline to production, enforces compliance, and provides visibility and automated controls to combat known and unknown threats.

Read article
Image

Protect your web application by using advanced runtime container security

In this code pattern, you set up a cloud-native container firewall for either a Kubernetes or Red Hat OpenShift cluster and configure security policies to detect and prevent several types of malicious attacks. Then, you test a vulnerable web application sample to monitor and analyze the generated alerts, explained by NeuVector VP of Product Management Glen Kosaka.

Read article
Image

NeuVector Adds K8s Assessment Tool to Container Security Platform

NeuVector today announced it has added a configuration posture management and deployment assessment tool for Kubernetes resources to its namesake container security platform.

Glen Kosaka, vice president of product management for NeuVector, says this scanning tool enables IT and security teams to immediately identify compliance issues within Kubernetes resources and then automatically apply admission control policies. Scan results evaluate YAML files against built-in best practices for secure deployments and/or against custom admission control rules that have been created by an internal IT team.

Read article
Image

Is Your Kubernetes Network Security Strategy Solid?

The aftermath of a security incident is the worst time to realize that your Kubernetes protections weren’t good enough. When thorough Kubernetes security measures are in place, potential threats are detected and remediated before they can do harm, explained by NeuVector Co-Founder and CTO Gary Duan.

Read article
Image

NeuVector Provides Simplified Container Security and Data Protection to Security, DevOps, and Infrastructure Teams

NeuVector provides a complete platform for achieving Kubernetes-native container security. Importantly, our customers use our platform to protect their container infrastructure without slowing down application development, explained by NeuVector Chief Strategy Officer Fei Huang.

Read article
Image

Container security and compliance remains a challenge as deployment speeds ahead

The study, from container security specialist NeuVector, polled over 1,200 DevOps professionals attending KubeCon EU 2021 and shows over 89 percent have container deployments active, and 88 percent are planning additional deployments in the next six to 12 months.

Read article
Image

How do I select a container security solution for my business?

The adoption of container architectures is growing steadily, but security and compliance remain top concerns for enterprises, a recent survey revealed.

To select a suitable container security solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Read article
Image

DevRel for Beginners: What to Know and How to Get Started

Jorn Knuttila, solution architect and DevRel advocate at NeuVector, a container security company, also worked in a variety of IT roles in his 30-year career and said they’ve all contributed in some way to his current work. But like Lachhman, he credited his successful shift into DevRel to an earlier pivot he made to solutions and sales engineer jobs.

Read article
Image

Security and Compliance Still a Challenge for Container Architectures

While adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents, a NeuVector survey of more than 1,200 enterprise DevOps professionals reveals.

Read article
Image

NeuVector Releases New Report on the Current State of Container Security

NeuVector announced the findings of its 2021 EU Container Security Survey. The new report finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.

Read article
Image

Kubernetes Runtime Security is a Growing Concern

NeuVector announced the findings of its 2021 EU Container Security Survey. The new report finds that while adopting container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.

Read article
Image

NeuVector Releases Results of 2021 EU Container Security Survey

NeuVector, the leader in Full Lifecycle Container Security, announced the findings of its 2021 EU Container Security Survey. The new report finds that while adoption of container architectures and microservices continues at an impressive pace, maintaining automated and proactive security and compliance is a particularly acute challenge for respondents.

Read article
Image

The AWS Shared Responsibility Model for Kubernetes

In order to achieve the defense-in-depth required to reliably protect container and Kubernetes environments, security must extend throughout the application lifecycle, from initial vulnerability and compliance scans to robust admission controls and automated security at runtime, explained by NeuVector Co-Founder and CTO Gary Duan.

Read article
Image

NeuVector Bolsters Leadership Team with a Pair of Security Industry Hires

Amid accelerating enterprise demand for its end-to-end Kubernetes security solution, NeuVector names Zach Hill as VP of Sales and Susan Don as VP of Business Development
Read article
Image

15 Point Kubernetes Security Checklist

Thoroughly securing containers and Kubernetes environments – especially in production where they’re most vulnerable – requires a layered security strategy with consistent vigilance across multiple fronts. Kubernetes itself has become an increasingly (and concerningly) frequent attack surface, with attackers exploiting critical vulnerabilities to interfere with or infiltrate containers at every stage of the pipeline.

Read article
Image

Moogsoft and HCL Technologies partner, Sysdig Series F, and NeuVector expands partnership with IBM

NeuVector is now available through the IBM Cloud Catalog, which will make it easier for IBM customers to access it. In addition, NeuVector announced an integration with IBM Security QRadar.
Read article
Image

Partnership – Container Security

NeuVector‘s Kubernetes-native, end-to-end container security solution is now available to IBM Cloud customers through the IBM Cloud catalog. NeuVector also announced platform integration with IBM Security QRadar, IBM’s security information and event management solution.
Read article
Image

NeuVector Brings Full Lifecycle Container Security Solution to the IBM Cloud Catalog; Also Announces Integration with IBM Security QRadar

IBM Cloud customers can provision NeuVector to their IBM Cloud clusters; IBM Security QRadar administrators can easily leverage NeuVector’s comprehensive container security capabilities
Read article
Image

NeuVector Expands Container Vulnerability Scanning to Developers

When NeuVector first launched in 2017, it focused primarily on runtime vulnerability scanning and threat detection, but over the years it has expanded its focus, shifting “left” to developers, explained NeuVector vice president of product management Glen Kosaka.

Read article
Image

Kubernetes autoscaling, explained

What is Kubernetes autoscaling? This automation capability means you don't have to manually provision and scale down resources as demand changes. It also prevents needless spending. Here's how it works
Read article
Image

NeuVector Releases Results of 2021 Container Security Survey

While enterprise DevOps say that security is a priority, they also report a lack of consensus over whose responsibility security is, how to enact it, and how to ensure it doesn't hamper CI/CD velocity.
Read article
Image

2021 DevSecOps Predictions - Part 2

DEVOPSdigest asked DevOps and development experts from across the industry for their 2021 DevSecOps predictions. Zero-trust security will become the prevailing model for organizations in 2021. With more companies moving to distributed architectures, technology teams need a scalable way to make security foolproof while managing a growing number of microservices and greater complexity.
Read article
Image

NeuVector 2021 Predictions: Forecasting Container Security in 2021 - 6 Things to Expect

Enterprise developer, DevOps, and DevSecOps teams stand on shifting ground heading into 2021 - and perhaps nowhere will that be more apparent than security strategy, tactics, and risk visibility and mitigation. Here are six predictions I expect to see:
Read article
Image

Kubernetes MiTM Vulnerability Underscores Need for Virtual Patching

CVE-2020-8554, a man-in-the-middle (MiTM) vulnerability affecting all Kubernetes versions, has begun drawing attention from the cloud-native community for its ability to allow authenticated-but-malicious users to remotely bypass security restrictions. This vulnerability is the latest high-profile example showing that securing container and Kubernetes pipelines across the full application life cycle—from the beginning of development, into testing and through to production—requires overcoming significant and ever-evolving challenges.
Read article
Image

How Do Serverless Functions Actually Work? Examining AWS Lambda to Understand Serverless

Serverless is relatively straightforward to get started with but becomes more complicated as functions leverage more advanced resources.
Read article
Image

Female CxO Trailblazers Award

Female CxO Trailblazers Award Winners 2020 is NeuVector CEO, Stephanie Fohn. Female CxO’s within enterprise tech startups demonstrating key qualities and proven achievements: driving company innovation, proof of leadership, implementing and encouraging agile practices, promoting diversity within the company, and contribution to the wider tech community.

Read article
Image

Why Securing Secrets in Cloud and Container Environments Is Important – and How to Do It

Key-based “secrets” are required to authorize access and communications across all cloud applications and services, including login access to containerized applications. From the AWS IAM access key, to Google API access token, Facebook access token, OAuth Client Secrets, and countless others, secrets are used to secure myriad public-facing services and internal or external REST APIs.

Read article
Image

Deploying compliance and security automation with Kubernetes

Enterprises believe that orchestration and containerization will help with compliance and security as they make the shift to digital transformation. CIOs are opting to shift security as closer to the CI/CD pipeline or software development cycle as possible. Kubernetes and Containers need new or updated security requirements. Such solutions provoke enterprises to shift legacy security policies away from the waterfall or monolithic approach. In most of these approaches, security comes as the last priority.

Read article
Image

Why DevOps Teams Need to Take Container Security Seriously

Earlier this year hackers were able to exploit container platform Kubernetes to install cryptomining software in Microsoft Azure. Fei Huang, chief strategy officer at container security platform NeuVector believes that this should be a wake up call to get the attention of enterprise DevOps and DevSecOps teams. We spoke to him to find out more about the risks and how they can be addressed.

Read article
Image

6 Kubernetes workflows and processes you can automate

Once upon a time, the concept of “workflow” in Kubernetes might have seemed a bit antithetical. Consider this older definition from the business process management world, via Wikipedia: “A workflow consists of an orchestrated and repeatable pattern of activity, enabled by the systematic organization of resources into processes that transform materials, provide services, or process information.”

Read article
Image

How To Match Kubernetes Security To HIPAA Compliance

Healthcare organizations under the purview of HIPAA regulations know full well how critical demonstrable security is to avoiding regulatory action, steep fines, and reputational harm. But many businesses now taking advantage of Kubernetes and containerized environments have even more questions than usual when it comes to implementing compliance-achieving security processes.

Read article
Image

10 steps to automating security in Kubernetes pipelines

Kubernetes pipelines face an ever-increasing range of threats that demand more integrated and automated security across the application lifecycle. Making things more complex, critical vulnerabilities can make their way into any stage of the pipeline: from build to registry to test-and-staging to (especially damaging) production environments.

Read article
Image

Kubernetes deployments: 6 security best practices

If you’re moving to containers and Kubernetes from a more monolithic approach to software development and infrastructure, it’s probably not because you want your teams to move slower. You’re likely trying to deploy faster and more frequently than ever.

Read article
Image

Guide to Automating Container Security Scans in the CI/CD Pipeline for DevOps Teams

As threat vectors and micro-perimeters expand with the popularity of container deployments, an automated approach can help DevSecOps teams keep workflows secure. Container security, including vulnerability management, has long been a challenge for many DevOps teams. The challenge is that, while modern cloud-native tools have enabled automation across CI/CD pipelines, automating the vulnerability management process has lagged behind.

Read article
Image

Kubernetes security: New tech, familiar attack vectors

With Kubernetes, some old threat vectors may feel new again. Kubernetes security experts say misconfigured settings and privilege mistakes are examples that can open up risk. Mind these six items

Read article
Image

With new vulnerability management tools, NeuVector aims to strengthens container security

NeuVector Inc. today is adding new vulnerability management and protection features to its container security platform, making it easier for DevOps and security teams to investigate, prioritize and then mitigate any potential vulnerabilities in production environments.

Read article
Image

Linux Container CPU: How to Optimize Real-Time and I/O-Intensive Environments

Ideally, highly-threaded I/O intensive Linux containers running on Kubernetes would have all the CPU time they need. But just how compatible is that goal with reality? To find the answer – and optimize Linux containers – application developers and DevOps teams must understand how Linux schedules tasks and allocates them CPU time.

Read article
Image

NeuVector Adds Container Security, Compliance Tool

NeuVector today announced it has added a Vulnerability and Compliance Explorer tool to make it easier to prioritize remediation efforts to further advance the adoption of best DevSecOps processes.

Read article
Image

10 Steps to Ensure PCI DSS-Compliant Container Deployment

Enterprises seeking to leverage containers and microservices in compliance with the Payment Card Industry Data Security Standard (PCI DSS) will find some advantageous synergies between the regulations and the technologies, as well as some aspects that require particularly careful attention. While PCI-DSS version 3.2, the industry’s latest, does not yet specifically address containerized environments, enterprises must nevertheless ensure that appropriate monitoring, security and governance is in place to achieve compliance. This is especially important, as recent reports are showing a struggle to maintain compliance.

Read article
Image

3 tips to keep Kubernetes safe at scale

Kubernetes containers are now highly prevalent in multi-cloud environments and are being deployed widely across a variety of industries. In a survey last year, vice president of product marketing for Sumo Logic Kalyan Ramanathan wrote that the open-source container operating system was "dramatically reshaping the future of the modern application stack."

Read article
Image

DevSecOps Panel – Best DevOps Security Practices & Best Tools

Since DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this second part of our panel series we ask three questions: Where are applications most vulnerable? What are the best security practices? What tools do they recommend? Here’s what they had to say.

Read article
Image

DevSecOps Panel – What Is DevSecOps & DevOps Security Challenges

Since DevSecOps is such a prominent topic as we move into 2020 that we decided to ask five experts their opinions on the subject of security roles being integrated into DevOps. In this first part of our panel series we ask two questions: What is DevSecOps? Where is it easy and where is it difficult to keep an eye on security? Here’s what our experts had to say.

Read article
Image

2020 DevSecOps Predictions - DevOps Digest

As part of DEVOPSdigest's 2020 predictions, industry experts offer predictions on how DevSecOps and related technologies will evolve and impact the business in 2020. Part 2 offers predictions about shifting left, automation and more.

Read article
Image

6 Forecasts as Container Threats Proliferate

Expect a busy year for enterprise DevOps and DevSecOps teams, as they strive to stay ahead of growing security threats to containerized and serverless environments. Here are six trends to pay particular attention to in 2020:

Read article
Image

6 Security Team Goals for DevSecOps in 2020

In the DevOps world, the biggest gains have been achieved through an "everything-as-code" approach that has made it so much easier to spin up and down reliable, repeatable infrastructure components. In the future this could be a huge boon for security and compliance purposes, but right now there's a big gap between DevOps and security teams, says Tim Hinrichs, CTO and co-founder of Styra.

Read article
Image

The Year Ahead for Kubernetes and Container Security - Security Boulevard

A new study out conducted among the DevSecOps community shows that Kubernetes use is rapidly growing within the enterprise, and not just within test or development environments. As organizations try to catch their breath with the rapid adoption rate, the security community is scrambling to adapt to containers and cloud native architectures as the new normal.

Read article
Image

How to Automate Container Security by Using CRDs to Get Security Policy as Code

Security has long been a sticking point for many DevOps teams (including my own, at a Canadian insurance and financial services co-operative). While available tools have enabled automation across plenty of other parts of our CI/CD pipeline — and made automated deployment of our container-based applications the norm — security automation has largely lagged behind.

Read article