Covering Scientific & Technical AI | Thursday, October 3, 2024

Qualys Boosts Container Security with SecOps Deal 

(LINE ICONS/Shutterstock)

As native cloud applications expand across companies large and in between, greater attention is being paid to securing the ephemeral application containers increasingly used to deliver distributed apps. Cloud security vendors are now attempting to scale those efforts in order to protect container-native applications and other microservices.

With that in mind, Qualys Inc. announced this week its acquisition of Layered Insight, a Silicon Valley startup that combines DevOps with security and compliance features dubbed SecOps.

The transaction price was $12 million, Qualys said, and an additional $4 million was in the form of an earn-out payment by the seller to finance the deal. Another $4 million payment was tied to the employment of key Layered Insight employees through 2019.

Layered Insight co-founders Asif Awan and John Kinsella will join Qualys, Awan as CTO of container security and Kinsella as vice president of engineering for container security.

Qualys (NASDAQ: QLYS) said Tuesday (Oct. 30) the acquisition adds a runtime security capability when applications are most vulnerable. The Layered Insight deal also adds automated security policy enforcement to the buyer’s current container security offering.

The combination is expected to appeal to large enterprise customers looking to scale application protection for container and emerging serverless workloads. Qualys said the integrated container security package would correlate “deep runtime behavioral analysis” with its current threat protection capabilities. The goal is to provide DevOps teams with runtime application security without adding to already complex container management tasks.

The container security acquisition is being touted as giving DevOps teams greater visibility into container runtime behavior, including network, storage and other system resource usage, so developers can gauge performance and compliance with security guidelines.

That capability would give developers “the ability to detect and prevent security breaches during runtime” when applications are most vulnerable to security breaches. Among the security options are setting alerts to detect runtime anomalies and automated policies to enforce security guidelines for application containers.

The upgraded protections could also be extended to serverless container service deployments such as Amazon Web Services (NASDAQ:AMZN) Fargate or Microsoft (NASDAQ: MSFT) Azure Container Instances, Qualys said, by extending visibility and security features to application images and runtimes.

Qualys, Foster City, Calif., said it expects Layered Insight’s cloud-native application protection tools to be integrated into its cloud platform by the second half of 2019.

The acquisition underscores the steady shift toward container runtime security as agile microservices gain traction as more customers seek to achieve continuous delivery of and upgrades to enterprise applications. For example, Google (NASDAQ: GOOGL) announced cloud partnerships in May focusing on container runtime security.

The combination of new security tools and the cloud vendor’s home-grown container orchestrator, Google Kubernetes Engine, are designed to manage security alerts for container clusters in order to detect and mitigate attacks on application container running in production.

The approach also addresses growing operational challenges in running containers and other microservices where diagnosing the root causes of performance issues has proven difficult.

--Editor's note: This story has been corrected to reflect closing terms for the transaction released during an earnings call with analysts.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).

AIwire