Advanced Computing in the Age of AI | Friday, June 21, 2024

List of Kubernetes Tools, Defenses Grows 


Container tools and security fixes for the Kubernetes cluster orchestrator continue to be rolled out as the microservices ecosystem evolves.

With Kubernetes security concerns growing as deployments scale, container security partners NeuVector and Sonatype this week released centralized container defenses along with open source software security tools. The goal of the integration is to provide greater visibility into open source risks associated with Kubernetes and container deployments.

Elsewhere, Mirantis, the company that acquired container pioneer Docker’s enterprise offerings last November, rolled out a cloud-based container platform designed to ship code faster on public clouds and internal infrastructure. Along with application portability, the Docker tool also eases use of Kubernetes for developers and operators across public and private clouds.

Mirantis said its container cloud enables multi-cloud deployments across public and private platforms along with bare metal. Other capabilities include multi-cluster management and on-demand, self-service clusters. Meanwhile, continuous software updates and lifecycle management across stacks can be automated using the tools.

“Unlike lock-in solutions like IBM/Red Hat and VMware that force you to deploy their rigid stack, Container Cloud empowers you to deploy your own multi-cloud everywhere,” asserted Adrian Ionel, CEO and co-founder of Mirantis.

The container cloud is available free for up to three clusters totaling 15 nodes. Annual subscriptions are required for larger, enterprise deployments, the company said this week.

The container and Kubernetes security tools also released this week reflect the growing number of companies running those microservices, making them an inviting target for hackers. “Kubernetes and containers are just as vulnerable to attacks and exploits from hackers and insiders as traditional environments, making streamlined security critical to all enterprises,” partners NeuVector and Sonatype said in releasing their integrated container security platform.

“Customers need a holistic approach to analyze, monitor and track the contents and runtime configurations of their containers to realize risk,” said Brian Fox, CTO and co-founder of Sonatype.

“End-to-end container threat visibility and protection is vital to defending enterprises' micro-perimeters from increasingly sophisticated attacks and to ensure regulatory compliance,” added NeuVector CTO Gary Duan.

The partners said the container security platform would allow DevSecOps teams to inject security policies as code in order to secure production workloads.

Container security and tool vendors note the growing velocity and scale of container-based workloads along with the vulnerabilities associated with runtimes and unsecured image registries. Recent industry studies reveal that half the companies surveyed said they are running 250 or more containers.

That scaling has generated ease-of-use tools like the Mirantis container cloud along with heightened awareness of security vulnerabilities.

About the author: George Leopold

George Leopold has written about science and technology for more than 30 years, focusing on electronics and aerospace technology. He previously served as executive editor of Electronic Engineering Times. Leopold is the author of "Calculated Risk: The Supersonic Life and Times of Gus Grissom" (Purdue University Press, 2016).