Container network security firm NeuVector is adding a new security integration that integrates with Kubernetes, extending Admission Control features and preventing the leak of vulnerabilities into production environments.
NeuVector, which also offers next-generation container firewall, says the additions will stop vulnerable images from deploying into Kubernetes production environments.
“As Kubernetes matures, enterprises are increasingly turning to the container orchestration solution for use across the full application development process – including in-production environments,” the company explains.
“This proliferation is in turn necessitating security measures capable of safeguarding container environments throughout the entire breadth of the build-ship-run lifecycle.”
NeuVector’s security platform is also a container. It scans and discovers the vulnerable images before they are deployed. It also ensures that images are not altered or tampered with before deployment.
The platform maintains an active catalogue of images approved for deployment in production, and verifies images signatures as part of its security process.
Synopsys is one of NeuVector’s partners. Synopsys senior technical evangelist Tim Mackey explains further:
"Considering the dynamic, ever-changing nature of modern containerized applications, and that in 2018 an average of 47 vulnerabilities are disclosed each day, a continuous approach to preventing vulnerable images from being deployed into production systems is critical.
“By integrating Black Duck OpsSight, our open source vulnerability detection solution for containers, with NeuVector Admission Control and run-time security, our customers are able to deploy Kubernetes with end-to-end security across their full container pipeline.”
NeuVector’s Admission Control release also ensures that only authorised users and service accounts are capable of deploying containers into production.
“With enterprises more commonly utilising containerised production environments, we’re proud to introduce Admission Control capabilities that enhance Kubernetes’ built-in features to ensure those environments are protected from tampering and free of known vulnerabilities,” comments NeuVector CTO Gary Duan.
“We’re excited to be introducing these features at DockerCon, and to demonstrate to attendees how our platform ensures the integrity of container images and provides container security across the full build-ship-run lifecycle.”
NeuVector is headquartered in California, United States and works with some of the world’s biggest firms like Docker, IBM, AWS, Google Cloud, Microsoft Azure, and others.
In November 2017, the company raised US$7 million in Series A funding, just 10 months after its launch into the market.
NeuVector was formed by security experts from the likes of Trend Micro, VMware, and Fortinet.