Trend Micro has announced the availability of complete security from a single solution protecting across cloud and container workloads, with the newly launched container security capabilities added to Trend Micro Deep Security to elevate protection across the entire DevOps lifecycle and runtime stack.
“While customers have been securing their containers with our technology for a couple of years now, we are proud to significantly expand our offering. Unlike many of the one-off point solutions crowding the market, our offering provides automated build-pipeline container image scanning, and extensive runtime protection providing full visibility and control. What is strikingly unique is our consolidated tool for container plus workload security in every environment,” said Steve Quane, Executive Vice President, Network Defense and Hybrid Cloud Security for Trend Micro.
Senior analyst and group director Doug Cahill at Enterprise Strategy Group, said, “Developers might be surprised by the scope of this new offering. The on-going deployment of application containers into production environments requires that the entire build-ship-run continuum be secured. As such, protection across the CI/CD pipeline for container environments must include the ability to the detect vulnerabilities, secrets, malware, and misconfigurations for early protection at build time, while delivering critical threat protection across on-prem and cloud host, orchestration and container layers at runtime.”
The new features available now in Trend Micro’s container security solution include:
Securing across the complete DevOps lifecycle
Within the software build-pipeline, Trend Micro has extended its container image scanning to include pre-registry scanning, providing earlier detection of vulnerabilities and malware over and above scanning the trusted registry for any future threats. Deep Security will now also scan for embedded secrets such as passwords and private keys and provide compliance and configuration validation checks, along with image assertion for digitally signed images.
Securing across the entire stack
At runtime of the container, Trend Micro has boosted container platform protection across Docker and Kubernetes. Deep Security has long ensured protection for the host and containers at runtime. This includes intrusion prevention system (IPS) rules, integrity monitoring to detect compromised instances of the platform, as well as log inspection.
To ensure complete protection, Trend Micro inspects all lateral and horizontal traffic movement (east, west, north, south) between containers and platform layers like Kubernetes and Docker.
Securing while granting full control
To increase automation and decrease manual tasks, security and operations teams using Trend Micro can now use any command shell to execute the application program interfaces (APIs). This additional option ensures full control of deploying policies, automation of monitoring, reporting and more. This completely new set of representational state transfer APIs have been written to automate security for application development and operations teams across the container orchestration tools and runtime environments.