Written by: Vikram Navali, Senior Technical Product Manager – As more enterprises adopt a containerized approach for applications, the need for protecting containers becomes crucial. Container environments are a computing option that provides virtualization for microservice-based applications regardless of whether the target environment is a private data center or deployed in a public cloud.
Chris Roberts, an adviser at Attivo Networks, concurs that role-based access control (RBAC) must be enabled for robust Kubernetes security, and adds that many elements of a strong security posture remain relevant in container environments: Good policies, procedures, and controls at the user, application, and network layer; separate and segmentation (including firewalls) where possible; rotating encryption keys; and strong education and integrations among different roles and teams.
Misconfigurations – which in some cases may be a matter of simply not paying attention to configurations – will be a considerable source of risk as more organizations deploy containerized applications to production environments, according to Chris Roberts, an advisor at Attivo Networks. “How many of the installations out there are still relying upon defaults? How many have weak configurations, interconnects, and/or rely upon code bases that are not well-validated, understood, or tested/supported?” Roberts asks. “Arguably, the lack of well-configured environments that are not being monitored or protected will have a huge impact on the number of vulnerabilities in 2019.”
Paul Asadorian, CEO of Security Weekly, and John Strand, Founder of Black Hills Information Security, discuss the companies that Paul had briefings with this week. In the podcast (around 6:30), Paul highlights the Attivo ThreatDefend™ platform’s latest Container and Serverless deception enhancements. Additionally, they share how the deception technology space is evolving and maturing through innovative companies, like Attivo Networks.
Attivo Networks, the 2017 Platinum ‘ASTORS’ Homeland Security Award-Winning leader in deception for cybersecurity threat detection, is further enhancing its portfolio with advanced deception techniques designed specifically to accurately detect and derail sophisticated attacks targeting serverless applications in cloud and data center environments.
Attivo’s ThreatDefend deception platform can now enable organizations to create decoy containers and serverless functions, in an attempt to trap attackers. As organizations begin to embrace container and serverless technologies, there is a corresponding need to secure those deployment models. On Sept. 24, Attivo Networks announced its entry into the container and serverless security market with an update of its ThreatDefend cyber-security deception platform.