Are you attending DockerCon 2017 in Austin, TX? If so, I invite you to add Cavirin to your MUST SEE list of vendors.
Cavirin provides continuous security assessment and remediation across physical, public, and hybrid clouds, supporting AWS, Microsoft Azure, Google Cloud Platform, VMware, KVM, and Docker. The company's solutions offer continuous visibility, are agentless and multi-tenant, and scale to the largest physical and virtual infrastructures. They offer up-to-the-minute compliance assessments, supplying audit-ready evidence as measured by every major regulatory and security best practice framework including CIS, DISA, PCI and HIPAA. With Cavirin, companies are empowered to make the right decisions faster and de-risk their cloud migrations.
Read this exclusive pre-show interview with VMblog and Cavirin to learn what they have planned for DockerCon 2017.
VMblog: How can people find you at this year's DockerCon 2017 event? And how many
people from your company will be there?
Cavirin: We're E4, a pod, and we'll
have some of our lead architects and product managers attending. Our VP of Engineering will also be available
VMblog: Do you have a theme for your booth?
Cavirin: Continuous Security
Assessment and Remediation for the Docker ecosystem. For example, you are deploying containers
within AWS, and you want to make sure that your OS is secure, that it has not
drifted, to use the term, from a known secure baseline. We watch out for this by continually looking
for any changes, pointing them out, and offering remediation advice. In the past, this has been available for
bare-metal servers, and then virtualization, and now for containers.
We've taken a leadership
role in building these security benchmarks for containers, and also offer an
image scanning capability to identify any vulnerabilities in images that are
downloaded from a registry. Scanning the container images for security is
critical before they hit production, since container based applications are
often built by composing with other images downloaded from registries, some
even untrusted, that can potentially have serious vulnerabilities. We have
automated container security to the level of easy integration into the application
development process and CI/CD pipeline.
message can an attendee take back with them to sell their boss on
Cavirin: If they are implementing
containers either on-premises or as part of a cloud deployment, they need to
ensure that their workloads are secure.
And, if they bring in images from a registry, they need to ensure that these
are not corrupted. We support both of
these scenarios, de-risking their deployments. They also take the message back
that security can now be added as an essential acceptance criterion for their
container-based applications, and begin practicing DevSecOps methodology in
delivering solutions. They can also derive comfort that our product can
interface effectively with the container orchestration platform of their
choice, such as Kubernetes, and enable security orchestration end-to-end.
If you want to read more
about our Docker solutions, go to https://www.cavirin.com/solutions/cavirin-for-docker.html
VMblog: Why should a DockerCon attendee add you to their MUST SEE list?
Cavirin: If a user is concerned
about the security of their Docker deployment, they should visit us. If they have no interest in security, they
can skip us. Do you know anyone not
interested in security? There are many
different vendors exhibiting, but we're probably unique in where we live in the
ecosystem and what we provide.
VMblog: What do you like most about sponsoring DockerCon?
Cavirin: We're taking a leadership
role securing the container lifecycle, including OS hardening of containers as
well as registry and Docker Hub image scanning.
We want to demonstrate this leadership, and DockerCon is the perfect
VMblog: Can you give VMblog readers a sneak peek as to what you will be
showing off at your booth this year?
Cavirin: We will be demoing our
latest product that supports both OS hardening for containers, as well as
implementing the CIS Docker security benchmark.
We'll also be demoing Docker image scanning. Our solution is immediately deployable by
customers. We will also be showing API-level usage of our security platform
that simplifies the integration of container security into the SDLC lifecycle
and CI/CD pipeline.
VMblog: If you would, please explain or give readers a few reasons why
your product or service is considered unique?
Cavirin: We look at the lifecycle of
securing the container deployment, by quickly discovering assets either
on-premises or within the cloud, analyzing these against a set of benchmarks
and regulations, pointing out failures, and recommending corrective
action. This can be continuous, critical
in a Docker environment with short-lived workloads. Moreover, the discovery and security
management of the container clusters can be orchestrated through API-level
integration with platforms such as Kubernetes, which is the platform of choice
for container management in enterprises. Over time, we're adding additional adaptive
analytics capabilities that will permit the CISO to predict what will happen on
the network, as opposed to just reacting.
VMblog: How does your company and product fit within the Docker or
Cavirin: Unlike products that run
within containers, and go through the standard certification process, we play
an entirely different role. It is more
in the space of a virtual firewall or load balancer, since we in effect provide
an infrastructure service to the enterprise.
We help them secure their container deployments, and if they are in a
regulated vertical, we ensure that they remain PCI, HIPAA, or other forms of
compliance. Our product will also be available as
an image in the public Docker Hub, where security-minded engineers can pull and
bring it up within their Docker ecosystems. The target resources that our
product scans do not have to be necessarily container based, though the
solution itself runs as a container.
VMblog: What are you looking forward to most at this
Cavirin: Rainey Street? No...
seriously.... Meeting decision-makers within the Docker community who will
understand the importance of our offering and can also provide feedback for
VMblog: I think most people are looking forward to Rainey Street! What would you say to prospective attendees who
are thinking about attending DockerCon but aren't sure if it's worth it or not?
Cavirin: Given container momentum, this is the premier event bringing
together the total ecosystem. We all
know the network effect of the more people, the greater value. Who knows what take-aways are waiting in the
VMblog: What can we do collectively as
an ecosystem to strengthen the industry?
Cavirin: Set a framework for vendors to peer with each other. At times, it seems as if Docker itself is
running low on bandwidth for partner management.
VMblog: What do you hope to come away with from
exhibiting at DockerCon?
Cavirin: We've set expected metrics for face-to-face meetings as well as
actionable badge scans. The proof will
be in follow-up after the event, keeping above the noise of all the other
vendors. It will be interesting to see
if the attendees have budget and decision authority, or if most are deep in the
technology or there for certification.
The ROI will be important, since for next year we'd need to move to a
full sponsorship. This is a major jump
for us and would need to be balanced against other events.
VMblog: Attendees always enjoy a good trade show tchotchke. Are you
guys giving away anything useful or interesting this year?
Cavirin: Yes, come by and get a USB
Safe to say, if security is high on your list, make sure to get Cavirin added to your schedule and swing by their booth to learn more. And don't forget to grab one of their USB battery bars afterward. Your phone will thank you!