VMware adds advanced cloud workload protection for containers, Kubernetes
VMware has expanded its Carbon Black Cloud Workload offering to deliver security for containers and Kubernetes. The new solution increases visibility, enables compliance and enhances security for containerised apps, from build to production in public cloud and on-premises environments, the company says.
VMware Carbon Black Cloud Container has security built into the continuous integration and delivery (CI/CD) pipeline and analyses application risks before they are deployed into production. The capabilities added to VMware Carbon Black Cloud Workload enable infosec teams to scan containers and Kubernetes configuration files early in the development cycle, providing "continuous cloud-native security and compliance to better secure applications and data wherever they live".
Patrick Morley, senior VP and GM, security business unit at VMware, says containers and Kubernetes are allowing businesses to develop and modernise applications more rapidly than ever.
However, he cautions that this innovation is expanding the attack surface, and that organisations now need security for modern workloads to address a new set of threats and build resilient digital infrastructure. The VMware solution extends security to containers and Kubernetes to deliver a comprehensive cloud workload protection platforms.
“With security built into the development and deployment of applications, we are bridging the gap between the SOC and DevOps teams to help our customers reduce the risks that come with running containers across clouds.”
With security built into the development and deployment of applications, we are bridging the gap between the SOC and DevOps teams.Patrick Morely
Migrating to the cloud has had to happen quickly and at a large scale to ensure business continuity during the pandemic, Morely adds. “Development teams are looking to containers and Kubernetes for speed and the ability to scale application delivery.”
Analyst firm Gartner claims that “by 2025 more than 85% of global entities will be running containerised applications in production, which is a significant increase from fewer than 35% percent in 2019”.
Frank Dickson, program vice president, Security & Trust at IDC, says: “Kubernetes has become the de-facto best practice standard for developing cloud-native applications, yet developers are still leveraging siloed and inefficient tools with limited cross organization visibility.”
Dickson adds that VMware’s container security offering provides an opportunity for security and DevOps teams to work more closely together to leverage the power of Kubernetes and better secure the unique lifecycle development processes of container-based applications.
VMware container image scanning and CI/CD integration capabilities are expected to be available this month, and runtime security for detection and response will be available later this year.