DevOps Security Automation
A DevOps Security Platform for Automating Container Security
Integrate Security Automation Into All Stages of the Pipeline
NeuVector is a cloud-native security container that deploys with standard DevOps tools as part of your agile, CI/CD, or traditional deployment process. Vulnerability scanning can be integrated in the build, ship, and run phases. Use the NeuVector CRD to define ‘Policy As Code’ so that at run-time there’s no need to understand complex network or security settings or worry about keeping them updated.
- Automate vulnerability and compliance scanning for the entire pipeline
- Create 'Policy as Code' to declare and enforce security policies through custom resource definitions (CRDs)
- Manage complex deployments with ConfigMaps, Helm charts, and multi-cluster management
Deploy on Greenfield and Brownfield Applications
NeuVector deploys easily on greenfield or brownfield (running) applications without service interruption. It doesn’t matter if application containers are already running in staging or production. Use standard DevOps tools to deploy the security container in minutes on each host. Then instantly discover application behavior, threats, and vulnerabilities, and integrate security into the pipeline.
- Automate NeuVector deployment through Helm charts, ConfigMaps, or the REST API
- Build and deploy 'security policy as code' to enforce application behavior in production
Scan Images and Host OS for Vulnerabilities
NeuVector delivers full lifecycle vulnerability management, scanning containers, orchestration platforms, and the host OS for vulnerabilities in dev, test, staging, and production. All containers running in production should receive a ‘live’ scan, but you can also choose how early in the deployment process you test containers for application vulnerabilities.
- Scan images for vulnerabilities in the build stage with the NeuVector Jenkins plug-in and in registries
- Auto-scan containers and hosts at run-time, and create auto-response rules such as alerting and quarantining
- Audit security configurations with the Docker and Kubernetes CIS benchmark tests
Use the DevOps Tools of Choice
NeuVector is a true ‘cloud-native’ security solution. Deployment of NeuVector is super easy. Just use your favorite container DevOps tools to deploy the NeuVector container on the hosts you wish to protect. You can set most orchestration tools to make sure NeuVector gets deployed on all hosts.
- Supports deployment, management and orchestration tools and frameworks
- Adapts automatically to network settings and overlay networks to secure containers
- Integrates with cloud-native resources such as admission controls, OpenShift ImageStreams, RBAC, custom resource definitions, ConfigMaps and more