McAfee announced McAfee MVISION Cloud for Containers that integrates container security with its Cloud Access Security Broker (CASB) and Cloud Security Posture Management (CSPM) security solution.
Leveraging NanoSec’s zero trust application visibility and control capabilities for container-based deployments in cloud environments, the solution provides customers with the ability to speed up application delivery, while enhancing the governance, compliance and security of their container workloads.
The acquisition of NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products, giving its customers the ability to speed up application delivery while enhancing governance, compliance and security of their hybrid, multi-cloud deployments.
NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings. These capabilities include continuous configuration compliance and vulnerability assessment as well as runtime application-level segmentation for detecting and preventing lateral movement of threats.
Container security has long been treated as separate from other Infrastructure as a Service (IaaS) security solutions, requiring evaluation, investment and management of multiple, niche products thus increasing total cost of ownership and complexity and reducing security.
McAfee MVISION Cloud for Containers integrates Cloud Security Posture Management (CSPM) and Vulnerability Scanning for container workloads into the existing McAfee MVISION Cloud platform to give customers a unified cloud security solution where consistent security policies can be implemented across all forms of cloud IaaS workloads.
McAfee MVISION Cloud integrates with DevOps tools, helps users “shift-left” to pre-emptively improve compliance and secure container workloads by running security audits in the DevOps pipeline and providing security incident data directly back to the development teams.
Additionally, McAfee MVISION Cloud also continuously monitors the production deployments of these container workloads to ensure configuration drift does not compromise the security of the applications.
Currently available, McAfee MVISION Cloud for Containers provides CSPM that integrates Configuration Audit checks for containerized workloads to ensure the container platforms run in accordance with CIS and other best practice compliance standards. This is designed to ensure security checks for the complete container stack including the configuration of the virtual machine the container runs on, as well as the storage, network and other Platform as a Service (PaaS) services the container may be accessing.
The offering also adds vulnerability scanning of container images that helps to identify and prevent the use of weak or exploitable components of the container images. This reduces the overall risk profile of the application by minimizing the attack vectors. With Shift Left DevOps integration, users can perform CSPM and Vulnerability Scanning checks earlier in the application development lifecycle. This helps identify risk and provide meaningful feedback to developers within the build process. Additionally, continuously monitor and prevent configuration drift on production deployments of the container workloads.
No comments:
Post a Comment