DEVOPSdigest

NeuVector and Alibaba Cloud announced a new partnership to strengthen Kubernetes security for enterprise customers.

Alibaba Cloud has recently launched its Container Service for Kubernetes to help users deploy containers more easily and securely, and the service is now utilizing NeuVector’s technology to provide specialized security for Kubernetes containers.

Alibaba Cloud’s Container Service for Kubernetes is a fully-managed solution that enables organizations to focus on building their applications rather than constantly managing and optimizing container infrastructure. Importantly, the service provides high-performance, flexible, and enterprise-grade management of Kubernetes containerized applications throughout the entire application lifecycle. Container Service for Kubernetes simplifies cluster creation and expansion, and integrates Alibaba Cloud capabilities in virtualization, storage, network, and security to provide a markedly improved running environment for Kubernetes-containerized applications.

Kubernetes container deployments can be threatened from both new attack vectors and traditional ones, leaving them particularly vulnerable to hackers, data theft, ransomware, crypto mining, and other dangers. To consistently protect against these attacks, the NeuVector container security platform adds the protection and visibility required for any business-critical, financial, web-facing, or compliance-driven deployment.

Attacks on containers, on the orchestration tools managing them, or on container infrastructure are often comprised of a “kill chain” of security events across multiple threat vectors. It takes a multi-vector container security platform to detect these attacks as early as possible – and at as many points as possible along the kill chain. To secure containers deployed by Alibaba Cloud customers, NeuVector’s platform includes these key features:

- Support throughout the entire DevOps container deployment lifecycle, from build to ship to run.

- Security automation, starting with a Jenkins plug-in for vulnerability scanning during the build process.

- Container registries such as the Alibaba Cloud Container Registry can be configured so that any new images in a repository will be automatically scanned by NeuVector.

- Kubernetes and Docker CIS benchmarks will test host and container configurations before and after production deployments.

- Run-time security is delivered by the unique, cloud-native Layer-7 container firewall that combines deep packet inspection (DPI) of east-west traffic with container inspection and host security to detect and prevent attacks at multiple points in the kill chain.

“NeuVector is the leading container security platform that supports Alibaba Cloud public and private cloud customers during their entire container deployment lifecycle,” said Daibin Ge, Senior Security Expert, Alibaba Cloud. “The unique multi-vector security platform provides in-depth network visibility and protection combined with container attack detection and vulnerability scanning. We are pleased to work with the NeuVector team to enable confident Kubernetes and Docker container deployments.”

“Together, NeuVector and Alibaba Cloud provide a highly secure environment for business-critical containerized applications to be deployed with confidence,” said Fei Huang, CEO, NeuVector. “Our new partnership enables Alibaba Cloud to feature comprehensive capabilities that ensure data security and privacy, while also adhering to domestic and international information security standards and industry requirements. We’re proud of this partnership, and of our role in empowering Alibaba Cloud users by effectively securing their container-based applications.”