Containers are "core to the fabric of IT" - so let's protect them

Qualys increases visibility and security of Docker container deployments

Qualys, the cloud-based security provider, has announced a new product designed to secure Docker containers in both cloud and on-premises deployments.

Scheduled to enter beta in Q3 this year, Qualys Container Security is used for continuous security and single-pane visibility in the growing container ecosystem. Customers can proactively protect their container deployments and DevOps processes ‘at any scale,' the company says.

Neil MacDonald of Gartner says, "OS containers are not inherently unsecure, but are being deployed [insecurely]... Security and risk management leaders must address container security issues around vulnerabilities, visibility, compromise and compliance."

With full visibility, which is touted as a main feature, organisations will be able to both discover containers and track changes in real time. They will also be able to view assets and relationships to identify and isolate vulnerable elements. The tool also extends this vulnerability detection and policy compliance checks to the image registries, containers and hosts.

Announced at Gartner's Security and Risk Summit 2017, the initial release includes multiple security features, such as the discovery, inventory and ‘near-real time' tracking of container events mentioned above, and vulnerability analysis. In addition, users can build this vulnerability scanning into their continuous integration (CI) and continuous development (CD) tool chain using the Qualys API. DevOps and security teams can thus scan container images for flaws before they are widely distributed.

A final new feature is Qualys' Container Sensor; users can download and deploy these sensors directly on their container hosts, add them to the private registries for distribution or integrate them with orchestration tools for automatic deployment across elastic cloud environments.

"Containers are core to the IT fabric powering digital transformation," said Philippe Courtot, chairman and CEO of Qualys. "Our new solution for containers enables customers on that journey to incorporate two-second visibility and continuous security as a critical part of their agile development."

Qualys has also announced a new add-on for the company's Vulnerability Management product, called Security Configuration Assessment; this provides cloud-based tools for automating configuration assessments of IT assets, using benchmarks from the Center for Internet Security.