Containers are just as vulnerable to attacks as any application and require application security features designed for containers. NeuVector has built-in security policies for applications and protocols.
Protecting containers requires discovering their behavior in an application and service. NeuVector automatically creates segmentation for isolation at the container, application, and service level. Although the typical policy is ‘zero-configuration,’ customized whitelist and blacklist rules can be added.
All containers should be scanned during run-time for application vulnerabilities. Even if the images were scanned in registries. Don’t take the chance that a back door or process failure could introduce vulnerabilities.
Detect and prevent application attacks such as DDoS and DNS on containers. With the exponential increase in internal ‘East-West‘ traffic between containers it is more critical than ever to monitor all container traffic.