Kaspersky Container Security is a new solution that protects containerized applications at all stages. It offers container image scanning, runtime security, and integration with DevSecOps tools.
Kaspersky announces the launch of a full-featured solution for containerized environments, Kaspersky Container Security (KCS). This solution offers secure containerized applications at all stages, from development to operation. The product becomes active directly after installation, is low-cost, simple to deploy, and easily integrates into the company’s IT infrastructure. Together with Kaspersky Hybrid Cloud Security, KCS forms a security ecosystem for hybrid and cloud infrastructures. Â
Containerization is becoming an increasingly popular choice in software development as it helps developers to more rapidly create and deploy high-profile applications. The main advantage of the technology is its autonomy, which is reflected in its name. Like bagged cargo on a container ship, the container holds everything needed to develop, deliver and deploy an application (microservice), binary code, associated configurated files, libraries and dependencies. This allows containerized applications to be easily portable, highly reliable and capable of being run by distributed teams.
Containerized environments need protection as the number of cyber incidents continues to grow. To counter this problem, Kaspersky launched Kaspersky Container Security, a specialized solution for containerized environments designed to protect businesses that already use or plan to implement containers. The product provides security for all stages of containerized application development. In addition to the development process, the solution protects runtime. For example, it controls the launch of only trusted containers, the operation of applications and services inside the containers, and monitors the traffic.
There are three main components in Kaspersky Container Security: ‘KCS scanner,’ ‘KCS agent,’ and managing ‘KCS server’:
- KCS scanner checks configuration files for misconfigurations, scans images for vulnerabilities, malware, and sensitive data, and checks them by assurance policies within the image registry and CI/CD platforms.
- KCS agent ensures protection from various attacks on the application in the container, monitors container and network interactions in clusters, and checks the whole system for compliance with security standards.
- KCS server aggregates the data received from the scanner and the agent, allows customers to visualize data and generate reports, and integrates with other security solutions (e.g., SIEMs like Kaspersky’s KUMA).
Kaspersky Container Security easily integrates into the DevSecOps framework of an organization, CI/CD pipelines and infrastructure. It can strengthen DevOps protection for companies with developed DevSecOps processes and for companies that have only begun implementing them. The solution also allows predictable deadlines to be set for the application to be released due to the automation of security and compliance checks at all stages.
“Containerization is the new normal, but its risks are not covered by traditional endpoint or virtual machine security solutions as it requires specific solutions,” said Timofey Titkov, head of the cloud and network security product line at Kaspersky. “This is why we launched Kaspersky Container Security (KCS), a solution that protects containerized applications during their life cycle, including runtime, the most vulnerable area. KCS helps our customers build the DevSecOps process, where security is ensured at every stage of development. This launch is an important step towards one of Kaspersky’s key goals to provide comprehensive protection to all types of digital assets of our customers.”
