VMware this week announced its intent to acquire Octarine, a provider of a namesake cybersecurity framework built on a service mesh for Kubernetes clusters. The Octarine service mesh not only segments network and application traffic on Kubernetes clusters, all the way up through Layer 7, but also includes an inspection engine that uses machine learning algorithms to identify anomalous traffic.
Announced at VMware’s virtual Connect 2020 conference, the Octarine service will become part of the Security Business Unit VMware created following its acquisition of Carbon Black last year. During the conference, VMware also announced it has created a Next-Gen Security Operations Center (SOC) Alliance that includes Splunk, IBM Security, Exabeam, Sumo Logic and the Chronicle cloud service from Google.
Patrick Morley, general manager and senior vice president for the VMware Security Business Unit, says the initial goal is to advance container security by making it easier to scan containers for vulnerabilities as they are being deployed in a Kubernetes environment.
As that work progresses, VMware will also integrate Octarine with both the Kubernetes-based VMware Tanzu cloud service and the instances of Kubernetes embedded within the virtual machines the company makes available via the VMware vSphere platform. Within Tanzu, VMware envisions Octarine being deployed alongside other service meshes such as Istio.
The goal, says Morley, is to make it easier for organizations, within a collaborative DevSecOps approach, to create and enforce content-based data security policies across containerized applications. The challenge from a cybersecurity perspective is the ephemeral nature of the containers that make up those applications. IT security leaders are looking for a way to secure those containers that doesn’t slow down the pace of application development, he notes.
Morley says the relationship between developers and cybersecurity teams within a DevSecOps process is still evolving within organizations. However, between Carbon Black, VMware Tanzu and VMware vSphere, there are now three major VMware platforms on which those processes can be defined, especially now that the Octarine platform will be available to address container security. All three platforms will be integrated with one another over the VMware NSX virtual network overlay.
Octarine has also launched two open source container security projects: kube-scan, a workload assessment tool that scans Kubernetes configurations and settings to identify and rank potential vulnerabilities in applications within minutes; and the Kubernetes Common Configuration Scoring System (KCCSS), a framework for rating the security risk of misconfigurations. Morley says VMware expects open source projects to continue to play a major role in container security.
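As an added illustration of the kind of configuration check and ranking such tools perform (example code written for this article, not kube-scan's or KCCSS's own logic; the checks, severity weights and sample manifests below are assumptions constructed for the demonstration):

```python
"""Toy Kubernetes workload misconfiguration scorer (illustrative, not KCCSS)."""
from typing import Any, Dict, List, Tuple

# Severity weights are illustrative assumptions, not KCCSS values.
SEVERITY = {"privileged": 9, "host_namespace": 7, "root_user": 6,
            "priv_escalation": 5, "no_limits": 3}


def pod_findings(pod: Dict[str, Any]) -> List[Tuple[str, str]]:
    """Return (container name, check id) pairs for risky settings in a Pod."""
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext", {})
    findings: List[Tuple[str, str]] = []
    if spec.get("hostPID") or spec.get("hostNetwork") or spec.get("hostIPC"):
        findings.append(("<pod>", "host_namespace"))
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext", {})
        name = c.get("name", "?")
        if sc.get("privileged"):
            findings.append((name, "privileged"))
        # Container-level settings override pod-level ones; unset means root.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        run_as_user = sc.get("runAsUser", pod_sc.get("runAsUser"))
        if not non_root and run_as_user in (None, 0):
            findings.append((name, "root_user"))
        # Kubernetes defaults allowPrivilegeEscalation to true when unset.
        if sc.get("allowPrivilegeEscalation", True):
            findings.append((name, "priv_escalation"))
        if not c.get("resources", {}).get("limits"):
            findings.append((name, "no_limits"))
    return findings


def risk_score(pod: Dict[str, Any]) -> int:
    """Sum the severity weights of every finding for one Pod."""
    return sum(SEVERITY[check] for _, check in pod_findings(pod))


def rank_workloads(pods: List[Dict[str, Any]]) -> List[Tuple[str, int]]:
    """Rank Pods by descending score so the riskiest workloads surface first."""
    scored = [(p["metadata"]["name"], risk_score(p)) for p in pods]
    return sorted(scored, key=lambda t: (-t[1], t[0]))


# Constructed sample manifests, already parsed from YAML into dicts.
SAMPLE_PODS = [
    {"metadata": {"name": "hardened-web"},
     "spec": {"securityContext": {"runAsNonRoot": True},
              "containers": [{"name": "web",
                              "securityContext": {"allowPrivilegeEscalation": False},
                              "resources": {"limits": {"cpu": "500m"}}}]}},
    {"metadata": {"name": "debug-agent"},
     "spec": {"hostPID": True,
              "containers": [{"name": "agent",
                              "securityContext": {"privileged": True}}]}},
]
```

Running `rank_workloads(SAMPLE_PODS)` places the privileged, host-PID `debug-agent` Pod far above the hardened one, which is the ranking signal a CI gate can act on before deployment.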
The challenge now, of course, is not so much finding container security tools as integrating them into a larger DevOps workflow that makes it as easy as possible for developers to discover vulnerabilities long before they ever reach a production environment.