NeuVector Launches New Approach to Continuous Docker Container Security

Date 2017/2/1 10:18:37 | Topic: Product News

NeuVector has announced the launch and immediate availability of a new approach to securing Docker containers. With constant behavioral learning automatically applied to security policies for containers, NeuVector secures containers where they have been most vulnerable: in production environments where they are constantly being deployed, updated, moved, and scaled across hosts and data centers. Companies with production Docker deployments (or who are evaluating container-based applications) can quickly test-drive NeuVector's answer to stronger and faster container security here.
NeuVector's solution for container security is itself a container. The application automatically learns and whitelists normal behavior to protect environments even as containers scale up and down. Through this built-in continuous application and network intelligence, NeuVector is providing application layer segmentation that completely isolates container traffic. Any abnormal connections can then be proactively and automatically detected and blocked before causing harm. NeuVector completes its solution with runtime vulnerability scanning across all running containers and hosts, and includes threat detection for attacks such as DDoS, DNS, and others.

"Coming from a traditional network security background, we quickly realized that existing approaches are not adaptable to container environments -- they don't transfer well, and other solutions are slow and incomplete," said Fei Huang, CEO, NeuVector. "In order for security teams to keep up with DevOps, they can't be running around inspecting iptables and updating rules. What we've designed is a security container that is intelligent enough to understand -- in real-time -- what applications are doing. There's not a faster, easier, and more secure way to ensure Docker container environments are protected from unwanted or malicious traffic."

Uniquely, the no-configuration NeuVector security container can see all network traffic and instantly correlate with application behavior to determine threats and violations. Also, unlike other false-positive-prone container security offerings, NeuVector can block only suspicious container traffic without affecting good traffic to the container.



This article comes from Software Development Tools
http://www.softdevtools.com

The URL for this story is:
http://www.softdevtools.com/modules/news/article.php?storyid=4073