NeuVector, the leader in container network security, announced new
capabilities to help container security teams better assess the security
posture of their deployed services in
production. New dashboard widgets and downloadable reports provide security risk
scores for the most critical run-time attack risks: network-based attacks and
vulnerability exploits in containers. Specifically, NeuVector now delivers an
intelligent assessment of the risk of east-west attacks, ingress and egress
connections, and damaging vulnerability exploits. NeuVector is making the
announcement at Red Hat Summit, held May 7-9 in Boston.
An overall risk score summarizes all available risk factors and provides advice
on how to lower the threat of attack - thus improving the score. The service
connection risk score shows how likely it is for attackers to move laterally
(east-west) to probe containers that are not segmented by the NeuVector
firewall rules. The ingress/egress risk score shows the risk of external
attacks or outbound connections commonly used for data stealing or connecting
to C&C (command and control) servers. Additionally, the vulnerability
exploit risk combines run-time scan results for containers with the protection
mode of the container. If the container is protected by NeuVector's whitelist
rules for network segmentation and process profiling, then there is a lower
risk of a vulnerability exploit spreading or critically damaging the service.
"The NeuVector container security solution spans the entire pipeline - from
build to ship to run," said Gary Duan, CTO, NeuVector. "Because of this, we are
able to present an overall analysis of the risk of attack for containers during
run-time. But not only can we help assess and reduce risk, we can actually take
automated actions such as blocking network attacks, quarantining suspicious
containers, and capturing container and network forensics."
Furthermore, leveraging the industry's tightest integration with Red Hat
OpenShift, the risk assessments and reports are specific to the
OpenShift projects and namespaces for each user. With this integration,
individual users can review the risk scores and security posture for the
containers within their assigned projects. They are able to see the impact of
their improvements to security configurations and protections as they lower
risk scores and remove potential vulnerabilities. The one-click RBAC
integration requires no additional coding, scripting or configuration, and adds
to other OpenShift integration points for admission control, image streams,
OVS networking, and service deployments.
"We are seeing many business-critical container deployments using Red Hat
OpenShift," said Fei Huang, CEO, NeuVector. "These customers turn to NeuVector
to provide complete run-time protection for in-depth defense - with the
combination of container process and file system monitoring, as well as the
industry's only true layer-7 container firewall."
Other useful new tools announced by NeuVector today include a summary of
network application protocol usage and downloadable security reports. Also an
industry-first, NeuVector's protocol usage analysis for containers shows the
actual application protocols detected by NeuVector using layer-7 deep packet
inspection and includes the network utilization in gigabytes for each protocol.
These are useful for detecting unusual network patterns, unauthorized
protocols, or for general application debugging.