Trend Micro Incorporated has announced the addition of its advanced container security solution Cloud One Container Security to the Trend Micro Cloud One Services Platform.
Designed to ease the security of container builds, deployments and runtime workflows, the new service helps developers accelerate innovation and minimise application downtime across their Kubernetes environments, from a single tool.
The new service is an important addition to Trend Micro's Cloud One services platform that was introduced last year. As IDC stated, Trend Micro launched Cloud One, its integrated cloud security services (SaaS) platform that addresses customers' security challenges around data center servers and virtual machines, IaaS workloads, containers and containers services, cloud security posture management, cloud file and object storage services, and serverless.
Trend Micro says global organisations are increasingly leveraging containers to accelerate cloud migration, rearchitect monolithic applications and build and integrate seamless cloud native applications. This can create security gaps that traditional network and endpoint tools are not capable of addressing.
"Containers are helping teams innovate faster by simplifying development and deployment," says Mick McCluney, technical director, Trend Micro Australia New Zealand.
"To safely keep this pace, teams needs to integrate security practices more easily in the container lifecycle," he says.
"That is where this new service comes into play perfectly. It provides automated continuous protection at three critical stages of the container lifecycle; build, deploy, and run."
Trend Micro Cloud One Container Security offers these main elements:
Container image scanning
This scans at build time for the earliest possible detection and lowest cost remediation. In addition, through partnership with Snyk there is a scan against the market leading open source vulnerability database. This provides early detection and mitigation of vulnerabilities in third-party code dependencies. Cloud One Container Security will:
- Look for vulnerabilities in the packages included in the container
- Detect malware using signatures and advanced machine learning techniques
- Find embedded secrets such as passwords, API tokens, or license keys
- Sweep for IoCs using industry-standard Yara rules
- Policy-based deployment control
Container security enables users to create policies that allow or block deployments based on set rules. Native integration with Kubernetes ensures that all deployments run in a production environment are safe.
Cloud-native runtime security
Once an image has been deemed safe and is deployed into production, Cloud One Container Security will protect the container in the runtime environment. This offers ongoing vulnerability detection for the containerised application and provides relevant feedback to security and DevOps teams in case further action is needed.