Container Security

Shift Left, Then Right for Runtime Application Container Security

In this new Solution Showcase by Enterprise Strategy Group (ESG), Senior Analyst Doug Cahill reviews recent research on application container adoption trends, then outlines how to build security into the DevOps and SecOps use cases. Abstract: The broad adoption of application containers for both new applications and those being refactored into a microservices architecture has… Read more »

Container Security

Achieving PCI Compliance for Containers

Although microservices and containers are not explicitly mentioned in PCI-DSS for PCI compliance, organizations implementing these technologies must focus carefully on monitoring, securing, and governance. Microservices and containers offer some unique characteristics that support pci compliance. For example, microservices emphasize an architecture with one function per service/container. This aligns well with PCI-DSS 2.2.1, implementing only… Read more »

Container Security

NeuVector 2.0 Is Now Available!

We’re happy to announce that the 2.0 release of the NeuVector Container Security Platform is now generally available! The 2.0 release is a major expansion of the platform to include end-to-end vulnerability scanning, automated real-time security incident response, and enhanced multi-vector detection of container attacks. Cloud-native enterprise integration is also enhanced with OpenShift and Kubernetes… Read more »

Container Security

Backdoor Found in Open Source SSH package

A serious backdoor vulnerability in a popular software package was recently reported. It was found in the ssh-decorator Python package. In this open source library, a log function was sending clear text IP addresses, login names and passwords to an external site: “ssh-decorate.cf/index.php.” This immediately became one of the hottest topics about which thousands of… Read more »

Container Security

OpenShift Security Automation

Containers and tools like Red Hat OpenShift enable enterprises to automate many aspects of application deployment, with many significant business benefits. But it’s easy to forget to automate the security aspects of containers. There are many built-in features for OpenShift security automation in the platform, but don’t stop there. Automating run-time security for OpenShift deployments… Read more »