What is container security?

Container technologies such as Docker and Kubernetes are the backbone of modern DevOps processes. Container security involves the protection of containers, the infrastructure in which they run, and the applications that run in these containers during build, deployment, and execution. It's also important to protect containers at the cluster and orchestrator level.

Protecting containers is challenging because traditional cybersecurity tools are often incompatible with containerized environments. However, with the advent of DevSecOps, organizations have become aware of the importance of integrating container security throughout the entire development lifecycle. Container security must comply with the organization's policies and processes.

Why is container security important?

Omnipresent use of container technology, rapid digital transformation, increasing complexity and sophistication of cyberthreats, and extensive research and development (R&D) are pushing companies to implement cybersecurity tools for containerized environments.

  • 90% of IT specialists have experienced at least one security incident related to containers or Kubernetes clusters (according to Red Hat's 2023 State of Kubernetes security report).
  • 63% of organizations delay the implementation of cloud technologies such as Kubernetes and microservices due to security concerns (according to 2022 research by the Cloud Native Computing Foundation and Linux Foundation Research: CNCF Annual Survey 2022).
  • 32% container adoption rate in organizations (according to Red Hat's 2023 State of Kubernetes security report).

Positive Technologies developed PT Container Security to address the needs of Russian companies to improve the efficiency of software development processes, boost digital transformation, and strengthen information security. This product is designed to protect the IT infrastructures of companies that use containerized virtualization. It provides a set of security tools for various stages of the software lifecycle and grants access to actionable cybersecurity insights that help implement best practices in container security and comply with industry standards.

Use scenarios

  • Protects runtime containers in private and public clouds, and Kubernetes in on-premises and local infrastructures.
  • Can be integrated with existing secure development tools (DevSecOps), vulnerability management tools, and a security information and event management (SIEM) system in security operations centers (SOCs).
  • Protects container-related secure development artifacts such as Helm charts, Kustomize configuration templates, manifests (YAML), and Dockerfiles.
  • Protects runtime containers in Docker and Podman, and in serverless computing environments. Release date: H2 2024.
  • Protects container-related secure development artifacts such as Terraform scripts (a configuration representation and management format developed by HashiCorp) and Ansible scripts. Release date: February 2024.
  • Allows customers to adjust content to their infrastructure and create custom expertise packs. Release date: February 2024.

Benefits

  • Database of vulnerabilities

    An in-house software vulnerability database that is compiled and regularly updated by Positive Technologies experts. The database helps accurately detect vulnerabilities in ALT Linux, Astra Linux, Oracle, Red Hat, Ubuntu, and RED OS, as well as vulnerabilities listed in the NVD and FSTEC databases.
  • Expert intelligence

    Configuration security know-how (Kubernetes, Docker, Helm) that meets the requirements of global and Russian information security standards, in particular CIS Benchmarks.
  • Risk management

    A unified approach to container infrastructure risk management. PT Container Security uses dedicated risk assessment tools for images, configurations, containers, and clusters. It also uses cloud security posture management (CSPM) tools that improve security by running continuous compliance checks and identifying risks associated with workloads under development.
  • Security as Code

    Practical implementation of Security as Code (SaC) that lets you codify security policies at the start of a project, including as code in general-purpose programming languages compiled to WebAssembly, so that security checks, tests, and gates can be built into DevOps tools and processes without additional cost or delays to code and infrastructure changes. Available in 2024.
  • Dynamic analysis

    Dynamic malware analysis in a container sandbox using PT Sandbox and PT Multiscanner. Release date: June 2024.
  • Cloud security

    PT Container Security also provides hybrid cloud security (as part of a PaaS). Release date: February 2024.
  • Data sources

    Integration with Positive Technologies' proprietary cyberthreat data sources (Threat Intelligence Platform). The sources include IP address reputation data and threat indicator information (file hashes, signatures, and more). Release date: June 2024.
  • Integration

    Integration with PT Application Inspector, PT BlackBox, PT Application Firewall, and MaxPatrol 10 (MaxPatrol SIEM, MaxPatrol VM). Release date: February 2024.

PT Container Security policies can be flexibly configured to include various types of checks such as:

  • Admission control. A process that validates requests to the Kubernetes API server before they are processed. It lets administrators control access to the cluster and enforce rules before workloads start running on nodes. Admission controllers can, for example, check for required metadata or certificates, restrict access by IP address, and block the creation of objects with unspecified parameters.
  • Runtime security. Active protection of containers while they are running, aimed at detecting and preventing malicious activity inside them. It is based on Extended Berkeley Packet Filter (eBPF) technology, which runs sandboxed programs in a restricted virtual machine inside the Linux kernel.
  • Image and configuration checks.
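To make the admission-control item concrete, here is a small validating admission policy written as an added example; it is not PT Container Security code and the policy it enforces (two required labels, no privileged containers, no unpinned image tags) is an assumption chosen for illustration. It consumes the JSON body of a Kubernetes `AdmissionReview` (v1) request, as a validating webhook would receive it, and returns the `AdmissionReview` response the API server expects. The sample request, its uid, and the registry name are constructed.

```python
"""Validating admission logic for Pods (hypothetical example, not product code).

Input: the JSON body of an admission.k8s.io/v1 AdmissionReview request.
Output: the AdmissionReview response dict the webhook server would return.
"""
import json

# Constructed policy: labels every Pod must carry.
REQUIRED_LABELS = ("app", "owner")


def _containers(pod):
    """All containers of a Pod, including init containers."""
    spec = pod.get("spec", {}) or {}
    return list(spec.get("containers", [])) + list(spec.get("initContainers", []))


def evaluate(pod):
    """Return a list of violation messages for a Pod object; empty means allowed."""
    violations = []
    labels = pod.get("metadata", {}).get("labels", {}) or {}
    for key in REQUIRED_LABELS:          # required metadata check
        if key not in labels:
            violations.append(f"missing required label '{key}'")
    for c in _containers(pod):
        name = c.get("name", "<unnamed>")
        ctx = c.get("securityContext", {}) or {}
        if ctx.get("privileged"):        # disallow privileged containers
            violations.append(f"container '{name}' requests privileged mode")
        image = c.get("image", "")
        last = image.rsplit("/", 1)[-1]  # strip registry/repository path
        # an unspecified tag (or :latest) defeats reproducible builds
        if ":" not in last or image.endswith(":latest"):
            violations.append(f"container '{name}' image '{image}' has no pinned tag")
    return violations


def review(admission_review_json):
    """Process an AdmissionReview request body and build the response body."""
    req = json.loads(admission_review_json)["request"]
    kind = req.get("kind", {}).get("kind")
    # This policy only covers Pods; other kinds pass through unchanged.
    violations = evaluate(req["object"]) if kind == "Pod" else []
    response = {"uid": req["uid"], "allowed": not violations}
    if violations:
        response["status"] = {"code": 403, "message": "; ".join(violations)}
    return {"apiVersion": "admission.k8s.io/v1",
            "kind": "AdmissionReview",
            "response": response}


# Constructed sample request: a Pod missing the 'owner' label, running
# privileged, and using an unpinned :latest image.
SAMPLE_REQUEST = json.dumps({
    "apiVersion": "admission.k8s.io/v1",
    "kind": "AdmissionReview",
    "request": {
        "uid": "0000-constructed-uid",
        "kind": {"group": "", "version": "v1", "kind": "Pod"},
        "operation": "CREATE",
        "object": {
            "metadata": {"name": "demo", "labels": {"app": "demo"}},
            "spec": {"containers": [{
                "name": "web",
                "image": "registry.example/web:latest",
                "securityContext": {"privileged": True},
            }]},
        },
    },
})

if __name__ == "__main__":
    print(json.dumps(review(SAMPLE_REQUEST), indent=2))
```

In a real cluster this function sits behind an HTTPS endpoint registered through a `ValidatingWebhookConfiguration`; the API server forwards each matching create or update request to it and persists the object only if `allowed` is true, so the `status.message` is what a user sees when `kubectl apply` is refused.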

Threats addressed by PT Container Security

  • Automated vulnerability management to address vulnerabilities and flaws in image and container configurations during the build, deployment, and production stages.
  • Automated security management for Kubernetes cluster configurations.
  • Automated security incident monitoring and response in the container runtime.

How to measure efficiency

If you're still undecided on whether to invest in securing your containerized environment, consider the following advantages:

  • Reduced time to patch.
  • Fewer bug reports and vulnerabilities (save on technical support resources).
  • Fewer vulnerabilities in the production runtime environment to minimize the risks related to delayed fixes of infrastructure bugs.
  • Fewer failed project builds during continuous integration.
  • Fewer errors related to vulnerability or flaw prioritization.

Associated products

PT Application Inspector

The only source code analyzer that provides high-quality analysis and convenient tools to automatically confirm vulnerabilities.

PT BlackBox

Dynamic application security testing tool.

PT Application Firewall

A web application firewall.