DEVOPSdigest

Tenable Network Security has acquired FlawCheck, enabling the vulnerability management company to provide security for Docker containers and support organizations’ modern DevOps processes.

“Information technology is undergoing a profound change due to DevOps, containers and the mass migration of operations and infrastructure to the cloud,” said Renaud Deraison,CTO and co-founder, Tenable Network Security. “Tenable understands that next-generation technologies bring with them a range of new security challenges, which is why we are accelerating our investment in this area.”

Founded by Anthony Bettini and Sasan Padidar — who between them have previously held prominent roles at Facebook, Google, Intel and McAfee — FlawCheck helps organizations scan container images for vulnerabilities, malware and other risks. The product provides vulnerability and malware detection, along with continuous monitoring, for Docker containers, integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images to ensure every container reaching production is secure and compliant with enterprise policy.

“Containers are changing the software development and deployment process, but many organizations don’t have a way to properly maintain and secure them,” said Bettini. “FlawCheck scans containers early in the software development lifecycle to make it easier and safer to deploy them in production, and then continuously monitors them for vulnerabilities and malware. By seamlessly incorporating FlawCheck into their development and deployment processes, enterprises gain visibility into the hidden security risks present in containers, enabling fast remediation without slowing innovation cycles.”

Organizations struggle to gain visibility into container-based malware and vulnerabilities and ensure the security of production code because containers are often rebuilt and redeployed on the fly, are active on networks for only short periods of time and exist outside of normal patching processes.

“As the IT world moves from old to new software development practices, we’ve seen time-to-production decrease by orders of magnitude,” said Adrian Sanabria, senior security analyst, 451 Research. “New technologies — cloud, containers — and the speed of new processes — DevOps — are creating the need for products that are purpose-built, easily integrated and easily automated.”

“FlawCheck is an amazing product that excels at detecting threats that otherwise would remain invisible, which is critical, because you can’t remediate what you don’t detect,” said Deraison. “The unique capabilities within FlawCheck to continuously monitor container images for malware and vulnerabilities are a natural extension of the container security capabilities already available to Tenable customers. We’re now working to bring a fully integrated product to market in 2017. The creativity and experience Tony and Sasan possess make them valuable additions to Tenable and I’m excited about what their presence means for the future of this company.”