DEVOPSdigest

Bitdefender announced GravityZone Security for Containers, expanding its cloud workload security (CWS) offering with run-time support for containers and Linux kernel independence.

The new solution delivers threat prevention, extended endpoint detection and response (XEDR) and anti-exploit protection for containers running in private and public clouds with comprehensive visibility and control through GravityZone, the company’s unified cybersecurity platform. New Linux kernel independence helps businesses move to the latest Linux distributions without the delays caused by dependencies commonly imposed by cybersecurity providers.

GravityZone Security for Containers provides a full stack solution supporting EDR and CWS, with the ability to prevent, detect and remediate threats against cloud workloads (including Docker and Kubernetes containers). Bitdefender Linux-native prevention and detection technologies identify threats earlier and reduce adversary dwell time.

The use of containers has grown rapidly, speeding application delivery and digital transformation initiatives. In addition to delays in moving to new Linux distributions, traditional security tools may generate increased risk due to their dependence on kernel modules to support security functions. This can create security and system stability challenges, resulting in workloads running on Linux servers being exposed to greater attack success.

So far in 2021, Bitdefender Labs, the company’s global team of security researchers, investigators and reverse malware engineers, has seen a marked increase in attacks aimed at containers and Linux servers with 71 percent of malware attributed to Mirai and Meterpreter. It is now clear that adversaries have migrated to multi-platform attacks, developing malware (including ransomware) specifically for Linux binaries.  

GravityZone Security for Containers is easy to deploy and offers several benefits for cloud operations and teams including:

- Unmatched protection against runtime attacks -- GravityZone Security for Containers protects containers and cloud-native workloads against Linux kernel, application zero-day and known exploit attacks in real-time and identifies the full context of incidents including which images and pods were involved.

- Multi-distribution security -- GravityZone Security for Containers eliminates Linux security compatibility challenges via a single, lightweight agent that sits above the Linux kernel enabling organizations to update to the latest Linux distributions faster without sacrificing security efficacy.

- Complete visibility and control -- Bitdefender GravityZone is multi-platform and enables complete security visibility and control over all containers and workloads across hybrid or multi-cloud environments from a single dashboard.

- MITRE ATT&CK® mapping -- GravityZone Security for Containers maps cloud workload container attacks to the MITRE ATT&CK® Framework. In the most recent MITRE ATT&CK test, GravityZone detected 100 percent of attack techniques against Linux systems.

“Cybercriminals are increasingly focusing attacks on cloud workloads because that is where data and applications now reside for many organizations,” said Andrei Florescu, VP of Product Management, Bitdefender Solutions Group. “With most cloud workloads built using containers and microservices running on Linux, extending security visibility and control across heterogeneous hybrid-cloud infrastructures is paramount. We built GravityZone Security for Containers to defend against Linux attack techniques and help businesses become resilient as they embrace containers for their cloud workload deployment architecture."