NeuVector Intros New Container Risk
May 9, 2019

NeuVector introduced new capabilities to help container security teams better
assess the security posture of their deployed services in production.
New dashboard widgets and downloadable reports provide security risk
scores for the most critical run-time attack risks: network-based
attacks and vulnerability exploits in containers. Specifically,
NeuVector now delivers an intelligent assessment of the risk of
east-west attacks, ingress and egress connections, and damaging
vulnerability exploits. NeuVector is making the announcement at Red Hat
Summit, held May 7-9 in Boston.

An overall risk score summarizes all available risk factors and provides
advice on how to lower the threat of attack – thus improving the score.
The service connection risk score shows how likely it is for attackers
to move laterally (east-west) to probe containers that are not segmented
by the NeuVector firewall rules. The ingress/egress risk score shows the
risk of external attacks or outbound connections commonly used for data
stealing or connecting to C&C (command and control) servers.
Additionally, the vulnerability exploit risk combines run-time scan
results for containers with the protection mode of the container. If the
container is protected by NeuVector’s whitelist rules for network
segmentation and process profiling, then there is a lower risk of a
vulnerability exploit spreading or critically damaging the service.

“The NeuVector container security solution spans the entire pipeline –
from build to ship to run,” said Gary Duan, CTO, NeuVector. “Because of
this, we are able to present an overall analysis of the risk of attack
for containers during run-time. But not only can we help assess and
reduce risk, we can actually take automated actions such as blocking
network attacks, quarantining suspicious containers, and capturing
container and network forensics.”

Leveraging the industry’s tightest integration with Red Hat OpenShift,
the risk assessments and reports are specific to the OpenShift projects
and namespaces for each user. With this integration, individual users
can review the risk scores and security posture for the containers
within their assigned projects. They are able to see the impact of their
improvements to security configurations and protections as they lower
risk scores and remove potential vulnerabilities. The one-click RBAC
integration requires no additional coding, scripting or configuration,
and adds to other OpenShift integration points for admission control,
image streams, OVS networking, and service deployments.

“We are seeing many business-critical container deployments using Red
Hat OpenShift,” said Fei Huang, CEO, NeuVector. “These customers turn to
NeuVector to provide complete run-time protection for in-depth defense –
with the combination of container process and file system monitoring, as
well as the industry’s only true layer-7 container firewall.”

Other useful new tools announced by NeuVector today include a summary of
network application protocol usage and downloadable security reports.
Also an industry-first, NeuVector’s protocol usage analysis for
containers shows the actual application protocols detected by NeuVector
using layer-7 deep packet inspection and includes the network
utilization in gigabytes for each protocol. These are useful for
detecting unusual network patterns, unauthorized protocols, or for
general application debugging.