Run-Time Support for Container Workloads and Linux Kernel Independence Reduce Cloud Security Risk and Speed Deployment of Latest Distributions
Bitdefender, a global cybersecurity leader, announced GravityZone Security for Containers, expanding its cloud workload security (CWS) offering with run-time support for containers and Linux kernel independence. The new solution delivers threat prevention,ย extended endpoint detection and responseย (XEDR) and anti-exploit protection for containers running in private and public clouds with comprehensive visibility and control through GravityZone, the company’s unified cybersecurity platform. New Linux kernel independence helps businesses move to the latest Linux distributions without the delays caused by dependencies commonly imposed by cybersecurity providers.
Recommendedย ITechย News: ย Google Cloud Region Goes Live in Delhi NCR in India
GravityZone Security for Containers provides a full stack solution supporting EDR and CWS, with an unmatched ability to prevent, detect and remediate threats against cloud workloads (including Docker and Kubernetes containers). Bitdefender Linux-native prevention and detection technologies identify threats earlier and reduce adversary dwell time.
The use of containers has grown rapidly, speeding application delivery and digital transformation initiatives. Gartner predicts that by 2025, 85 percent of organizations will run containers in production, up from less than 30 percent in 20201. In addition to delays in moving to new Linux distributions, traditional security tools may generate increased risk due to their dependence on kernel modules to support security functions. This can create security and system stability challenges, resulting in workloads running on Linux servers being exposed to greater attack success.
In a recent report2, Gartner analystsย Neil McDonaldย andย Tom Crollย write, “There is no guarantee that an enterprise will be able to place agents in theย Linuxย host OS in a container-based deployment. This is increasingly the case with locked-down minimal kernels and with some managed container services. The answer is to provide an architectural option to run the CWPP (cloud workload protection platform) offering as a privileged container (or as a sidecar inย Kubernetesย pods and service mesh architectures).”
Recommendedย ITechย News: ย NI and Seagate Collaborate to Improve How Data Accelerates Autonomous Vehicle Technology
So far in 2021,ย Bitdefender Labs, the company’s eliteย globalย team ofย security researchers, investigators and reverse malware engineers, hasย seenย aย marked increaseย in attacksย aimed atย containers and Linux servers with 71 percent of malware attributed to Mirai andย Meterpreter.ย It is now clear that adversaries have migrated toย multi-platformย attacks,ย developing malware (including ransomware)ย specifically for Linux binaries.
GravityZone Security for Containers is easy to deploy and offers several benefits for cloud operations and teams including:
- Unmatched protection against runtime attacksย — GravityZone Security for Containers protects containers and cloud-native workloads against Linux kernel, application zero-day and known exploit attacks in real-time and identifies the full context of incidents including which images and pods were involved.
- Multi-distribution securityย — GravityZone Security for Containers eliminates Linux security compatibility challenges via a single, lightweight agent that sits above the Linux kernel enabling organizations to update to the latest Linux distributions faster without sacrificing security efficacy.
- Complete visibility and controlย — Bitdefender GravityZone is multi-platform and enables complete security visibility and control over all containers and workloads across hybrid or multi-cloud environments from a single dashboard.
- MITRE ATT&CKยฎ mappingย — GravityZone Security for Containers maps cloud workload container attacks to the MITRE ATT&CKยฎ Framework. In the most recent MITRE ATT&CK test,ย GravityZone detected 100 percent of attack techniques against Linux systems.
Recommendedย ITechย News: ย HighByte Announces Major Release of Industrial DataOps Solution for Enterprise Deployments
“As we continue moving workloads to the cloud, it is imperative our security extends across all our environments including physical and virtual machines, multiple-clouds, hybrid and containers,” said Timothy Du Four, vice president and director of information technology at Greenman-Pedersen. “With Bitdefender, we have visibility into security issues and are proactive and better protected because GravityZone provides us with improved detection and alerting over our entire footprint.”
“Cybercriminals are increasingly focusing attacks on cloud workloads because that is where data and applications now reside for many organizations,” saidย Andrei Florescu, vice president of product management, Bitdefender Solutions Group. “With most cloud workloads built using containers and microservices running on Linux, extending security visibility and control across heterogeneous hybrid-cloud infrastructures is paramount. We built GravityZone Security for Containers to defend against Linux attack techniques and help businesses become resilient as they embrace containers for their cloud workload deployment architecture.”
Recommendedย ITechย News: ย Synopsys Advances Application Security Testing for Developers with Rapid Scan
