VMware Adds Container Scanning Tool to Security Platform

VMware today announced it has added a VMware Carbon Black Cloud Container offering that makes it possible to scan containers and Kubernetes configurations within the context of a DevSecOps workflow.

Shemer Schwarz, senior director of product management at VMware, says this latest offering is an expansion of the VMware Carbon Black Cloud Workload platform VMware provides today to enable IT teams to centralize cybersecurity management.

As more cloud-native applications are built, IT organizations that have standardized on the VMware Carbon Black Cloud Workload platform now want to be able to extend the policies and workflows they currently apply to monolithic applications to cloud-native applications, says Schwarz.

Scanning those cloud-native applications requires a different engine that now can be invoked through the same console provided via the VMware Carbon Black Cloud Workload platform, notes Schwarz.

VMware Carbon Black Cloud Container provides a holistic view of vulnerabilities and misconfigurations across all Kubernetes workloads before they are deployed, and provides mechanisms that prevent applications from being deployed based on the results of a scan and the policies IT teams have defined. IT teams can also explore Kubernetes workload configurations by launching a series of customized queries. Cybersecurity teams can also review container images running in production environments.

While developers are clearly assuming more responsibility for application security as part of the rise of DevSecOps best practices, cybersecurity teams will still play an active role. The VMware approach is designed to make it simpler for those teams to collaborate, beginning with the actual application development process, said Schwarz. VMware Carbon Black Cloud Container is designed to be integrated with multiple continuous integration/continuous delivery (CI/CD) platforms.

As far as adoption of DevSecOps best practices is concerned, it’s still early days, so responsibility for cybersecurity is becoming more fluid. A recent report published by the Cloud Security Alliance finds more than a third (35%) of respondents said their security operations team manages cloud security, followed by the cloud team (18%) and IT operations (16%). Other teams, such as network operations, DevOps and application owners, are all below 10%, the survey finds.

Regardless of who manages security, it’s about to become more challenging to maintain. Most container security issues today revolve around attempts to use containers to hijack infrastructure resources to mine cryptocurrency, also known as cryptojacking. However, those attacks also make it clear cybercriminals have ways to compromise platforms running cloud-native applications. As more mission-critical applications are deployed using containers, it’s now only a matter of time before cybercriminals launch attacks against cloud-native applications using more lethal forms of malware.

Containers, of course, are ephemeral. They are typically ripped and replaced at rates that give developers a false sense of security. The assumption is the container will only be running for a few minutes. However, those containers encapsulate a wide variety of software that still can be infected with malware.

Organizations of all sizes need to embrace DevSecOps best practices to secure those applications. The challenge is determining how quickly to apply those practices across the entire application portfolio.

Mike Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.
