Virtualization Technology News and Information
Atomicorp Releases First Kernel-Level Docker Security and is Available Today Through AWS, Azure and Direct

Atomicorp, the leader in secure Linux, today announced the first hardened Linux kernel designed specifically to protect Docker containers from entire classes of cyber attacks. Atomic Secured Docker Kernels for Ubuntu and CentOS are available today on Azure and Amazon Web Services (AWS). The secure kernel comes pre-packaged with either the Ubuntu or CentOS Linux image. The hardened kernels are also available for direct purchase for on-premises environments.

"The Atomic Secured Docker Kernel is about protecting containers from break-ins and break-outs. Few people understand that vulnerabilities at the kernel and OS layer are inherited by every Docker container on that system. By hardening the kernel, that kernel and OS level protection is inherited by all containers. The protection also extends to preventing container breakouts, application layer attacks such as memory corruption attacks, buffer overruns, overflow attacks, code reuse attacks, and much more. Docker has quickly become widely used in production environments, but security hasn't kept up. Atomic Secured Docker Kernels protect containers automatically. Developers don't have to do a thing other than load the OS image or use the secure kernel," said Scott Shinn, Atomicorp chief technology officer.

Atomicorp CEO Mike Shinn added, "Docker security has emerged as an important enterprise risk factor. 451 Research estimates that Docker container spending will reach $2.7 billion by 2020 and is growing at a 40 percent compound annual growth rate. The firm also found that 14 percent of organizations were using Docker in production. The problem is that few developers understand that containers are very vulnerable to bottom-up, top-down and lateral cyber attacks. And, the risks are very different from virtual servers where functions are actually isolated. Atomicorp creates umbrella protection for Docker containers by using the kernel to prevent malicious activity from occurring or replicating. It all happens in the background so the developers and application managers don't have to worry about it. They are automatically protected."

Atomic Secured Docker Kernels protect Docker containers from entire classes of common cyber attacks through innovative technologies including:

1. Container Break-out Prevention (CBOP)
2. Reuse Attack Protection (RAP)
3. Memory corruption protection
4. Bounds checks for kernel copies to/from userland
5. Stack protection against buffer overflow attacks
6. Prevention of direct userland access by the kernel
7. Prevention of userland code execution by the kernel
8. Hardened userland memory permissions
9. Automatic response to exploit brute forcing
10. Code reuse attack prevention
11. And many more

The kernels are also rebootless and enable a virtual patching approach, so you don't need to modify containers to update protections or reboot the system to update the kernel. Atomic Secured Docker Kernels are in use today at Fortune 500 companies and are suitable for small businesses as well as large enterprises. The hardened kernels are designed for automated protection with low overhead requirements, so performance is nearly identical to a standard, unprotected OS image.

  •     You can learn more about Atomic Secured Docker Kernels here.
  •     Azure hosted Atomic Secured Linux Kernel for Ubuntu and CentOS
  •     AWS hosted Atomic Secured Docker kernel for CentOS.
  •     Direct purchase of Atomic Secured Docker Kernel here.
Published Thursday, August 17, 2017 8:22 AM by David Marshall