Tenable Network Security Acquires Container Security Company FlawCheck
October 26, 2016

Tenable Network Security has acquired FlawCheck, enabling the vulnerability management company to provide security for Docker containers and support organizations’ modern DevOps processes.

“Information technology is undergoing a profound change due to DevOps, containers and the mass migration of operations and infrastructure to the cloud,” said Renaud Deraison,CTO and co-founder, Tenable Network Security. “Tenable understands that next-generation technologies bring with them a range of new security challenges, which is why we are accelerating our investment in this area.”

Founded by Anthony Bettini and Sasan Padidar — who between them have previously held prominent roles at Facebook, Google, Intel and McAfee — FlawCheck helps organizations scan container images for vulnerabilities, malware and other risks. The product provides vulnerability and malware detection, along with continuous monitoring, for Docker containers, integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images to ensure every container reaching production is secure and compliant with enterprise policy.

“Containers are changing the software development and deployment process, but many organizations don’t have a way to properly maintain and secure them,” said Bettini. “FlawCheck scans containers early in the software development lifecycle to make it easier and safer to deploy them in production, and then continuously monitors them for vulnerabilities and malware. By seamlessly incorporating FlawCheck into their development and deployment processes, enterprises gain visibility into the hidden security risks present in containers, enabling fast remediation without slowing innovation cycles.”

Organizations struggle to gain visibility into container-based malware and vulnerabilities and ensure the security of production code because containers are often rebuilt and redeployed on the fly, are active on networks for only short periods of time and exist outside of normal patching processes.

“As the IT world moves from old to new software development practices, we’ve seen time-to-production decrease by orders of magnitude,” said Adrian Sanabria, senior security analyst, 451 Research. “New technologies — cloud, containers — and the speed of new processes — DevOps — are creating the need for products that are purpose-built, easily integrated and easily automated.”

“FlawCheck is an amazing product that excels at detecting threats that otherwise would remain invisible, which is critical, because you can’t remediate what you don’t detect,” said Deraison. “The unique capabilities within FlawCheck to continuously monitor container images for malware and vulnerabilities are a natural extension of the container security capabilities already available to Tenable customers. We’re now working to bring a fully integrated product to market in 2017. The creativity and experience Tony and Sasan possess make them valuable additions to Tenable and I’m excited about what their presence means for the future of this company.”

Share this

Industry News

November 25, 2024

Sonatype and OpenText are partnering to offer a single integrated solution that combines open-source and custom code security, making finding and fixing vulnerabilities faster than ever.

November 25, 2024

Red Hat announced an extended collaboration with Microsoft to streamline and scale artificial intelligence (AI) and generative AI (gen AI) deployments in the cloud.

November 25, 2024

Endor Labs announced that Microsoft has natively integrated its advanced SCA capabilities within Microsoft Defender for Cloud, a Cloud-Native Application Protection Platform (CNAPP).

November 21, 2024

Red Hat announced the general availability of Red Hat Enterprise Linux 9.5, the latest version of the enterprise Linux platform.

November 21, 2024

Securiti announced a new solution - Security for AI Copilots in SaaS apps.

November 20, 2024

Spectro Cloud completed a $75 million Series C funding round led by Growth Equity at Goldman Sachs Alternatives with participation from existing Spectro Cloud investors.

November 20, 2024

The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, has announced significant momentum around cloud native training and certifications with the addition of three new project-centric certifications and a series of new Platform Engineering-specific certifications:

November 20, 2024

Red Hat announced the latest version of Red Hat OpenShift AI, its artificial intelligence (AI) and machine learning (ML) platform built on Red Hat OpenShift that enables enterprises to create and deliver AI-enabled applications at scale across the hybrid cloud.

November 20, 2024

Salesforce announced agentic lifecycle management tools to automate Agentforce testing, prototype agents in secure Sandbox environments, and transparently manage usage at scale.

November 19, 2024

OpenText™ unveiled Cloud Editions (CE) 24.4, presenting a suite of transformative advancements in Business Cloud, AI, and Technology to empower the future of AI-driven knowledge work.

November 19, 2024

Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade developer portal based on the Backstage project.

November 19, 2024

Pegasystems announced the availability of new AI-driven legacy discovery capabilities in Pega GenAI Blueprint™ to accelerate the daunting task of modernizing legacy systems that hold organizations back.

November 19, 2024

Tricentis launched enhanced cloud capabilities for its flagship solution, Tricentis Tosca, bringing enterprise-ready end-to-end test automation to the cloud.