SentinelOne, the autonomous endpoint protection company, today announced a new Automated Application Control Engine designed
to secure cloud and containerized workloads without human intervention.
The new engine automatically secures containers at runtime
against known and unknown threats, eliminating the need to manually
maintain allow-lists and preserving the immutable state of cloud and
container workloads while also defending against modern threats such as
malware, cryptojacking, and zero-days.
"Organizations need cloud security solutions that can secure their cloud assets at the
speed of business," said Guy Gertner, VP Product Management,
SentinelOne. "It is critical to defend cloud and container workloads,
but any solution that impacts the flexibility, speed, and agility of
development defeats the whole purpose of going cloud. SentinelOne
distinctly understands the need to secure the cloud without
interference, and we are happy to deliver a cloud security solution that
furthers our customers' IT and business objectives."
One of the defining principles of cloud-native workloads is their
self-contained architecture - they are built from immutable images
containing everything the application needs to run. While security is a
concern, any proposed security solution must not disturb the workload's
dynamic nature. Most container solutions today rely on creating
allow-lists, white-listing everything that is cleared to run in the
container, and identifying anything else as a threat to be mitigated.
However, these existing solutions are flawed: whether pre-deployment
scanning or learning during runtime, today's container security products
either inhibit agility, require too much labor or miss legitimate
threats.
The SentinelOne solution offers a default deny mode for containers to
prevent unauthorized changes to production workloads. The engine
requires no special configurations and does not add complexity or delay
to the software delivery chain. Designed to protect container workloads
from the get-go, whether they run as Kubernetes pods or as plain
containers in Docker servers, the engine is enabled with one simple
click and deploys in seconds.
The Application Control Engine feature is available in Kubernetes and Linux
4.4 workload agents.