Story image

NeuVector adds additional features to Kubernetes security platform

04 Dec 18

Container network security firm NeuVector is adding a new security integration that integrates with Kubernetes, extending Admission Control features and preventing the leak of vulnerabilities into production environments.

NeuVector, which also offers next-generation container firewall, says the additions will stop vulnerable images from deploying into Kubernetes production environments.

“As Kubernetes matures, enterprises are increasingly turning to the container orchestration solution for use across the full application development process – including in-production environments,” the company explains. 

“This proliferation is in turn necessitating security measures capable of safeguarding container environments throughout the entire breadth of the build-ship-run lifecycle.”

NeuVector’s security platform is also a container. It scans and discovers the vulnerable images before they are deployed. It also ensures that images are not altered or tampered with before deployment.

The platform maintains an active catalogue of images approved for deployment in production, and verifies images signatures as part of its security process. 

Synopsys is one of NeuVector’s partners. Synopsys senior technical evangelist Tim Mackey explains further:

"Considering the dynamic, ever-changing nature of modern containerized applications, and that in 2018 an average of 47 vulnerabilities are disclosed each day, a continuous approach to preventing vulnerable images from being deployed into production systems is critical.

“By integrating Black Duck OpsSight, our open source vulnerability detection solution for containers, with NeuVector Admission Control and run-time security, our customers are able to deploy Kubernetes with end-to-end security across their full container pipeline.”

NeuVector’s Admission Control release also ensures that only authorised users and service accounts are capable of deploying containers into production.

“With enterprises more commonly utilising containerised production environments, we’re proud to introduce Admission Control capabilities that enhance Kubernetes’ built-in features to ensure those environments are protected from tampering and free of known vulnerabilities,” comments NeuVector CTO Gary Duan.

“We’re excited to be introducing these features at DockerCon, and to demonstrate to attendees how our platform ensures the integrity of container images and provides container security across the full build-ship-run lifecycle.”

NeuVector is headquartered in California, United States and works with some of the world’s biggest firms like Docker, IBM, AWS, Google Cloud, Microsoft Azure, and others.

In November 2017, the company raised US$7 million in Series A funding, just 10 months after its launch into the market.

NeuVector was formed by security experts from the likes of Trend Micro, VMware, and Fortinet.

A10 aims to secure Kubernetes container environments
The solution aims to provide teams deploying microservices applications with an automated way to integrate enterprise-grade security with comprehensive application visibility and analytics.
DigiCert conquers Google's distrust of Symantec certs
“This could have been an extremely disruptive event to online commerce," comments DigiCert CEO John Merrill. 
One Identity a Visionary in Magic Quad for PAM
One Identity was recognised in the Gartner Magic Quadrant for Privileged Access Management for completeness of vision and ability to execute.
Gartner names newcomer Exabeam a leader in SIEM
The vendor landscape for SIEM is evolving, with recent entrants bringing technologies optimised for analytics use cases.
52mil users affected by Google+’s second data breach
Google+ APIs will be shut down within the next 90 days, and the consumer platform will be disabled in April 2019 instead of August 2019 as originally planned.
Symantec releases neural network-integrated USB scanning station
Symantec Industrial Control System Protection Neural helps defend against USB-borne cyber attacks on operational technology.
Ramping up security with next-gen firewalls
The classic firewall lacked the ability to distinguish between different kinds of web traffic.
Gartner names LogRhythm leader in SIEM solutions
Security teams increasingly need end-to-end SIEM solutions with native options for host- and network-level monitoring.