Virtualization Technology News and Information
New Container Security Tool Tells DevOps and Platform Engineers if They're Protected Against Escapes

Edera announced the availability of Am I Isolated, an open source container security benchmark that probes users' runtime environments and tests for container isolation.

The Rust-based container runtime scanner runs as a container and detects gaps in users' container runtime isolation. It also provides guidance to improve users' runtime environments to offer stronger isolation guarantees.  

"The threat of container escapes is resulting in millions in lost revenue for enterprises. Companies are either spending unnecessary dollars running separate Kubernetes environments for untrusted containers or they're using too many expensive and antiquated tools that don't solve anything," said Emily Long, co-founder and CEO at Edera. "It's time to change the way containers are run and secured and that means solving for escapes. Visibility into your level of vulnerability is the first step. We're excited to bring this tool to our customers and the community at large." 

Containers are just processes on a host, so isolation is critical to workload and multi-tenancy security because it limits the blast radius of container escapes and security incidents. Am I Isolated also probes for ambient privileges and common misconfigurations made by DevOps teams and platform engineers when setting up their containerized applications or container runtime environments. It provides ongoing testing against container escape techniques. 

While Kubernetes turned 10 years old earlier this year, running secure multi-tenancy workloads remains an unsolved problem that's costing companies millions of dollars. Edera introduces a diverse set of technologies with a diverse team of experts to solve what has been the decade's defining enterprise security challenge.

Edera uses a type 1 hypervisor to offer isolation at the container level for the first time, enabling companies to realize the original promise of Kubernetes and to move quickly to run GPUs for emerging AI workloads. Instead of running containers in Linux namespaces, Edera's platform treats a container like a virtual machine guest. There is no shared kernel state between containers, and a memory-safe Rust control plane further secures workloads. Edera can be used anywhere users run their containers (public cloud, private cloud and on-premise) and doesn't require virtualization extensions or custom infrastructure. It's simple, delivers peace of mind and saves companies millions in cloud costs.  

Am I Isolated is free and open source and can be downloaded on Edera's GitHub.

Published Thursday, November 07, 2024 2:02 PM by David Marshall