UPDATED 01:00 EDT / AUGUST 17 2020

SECURITY

NeuVector adds compliance reporting for Kubernetes-based apps

Container security company NeuVector Inc. is updating its platform today with compliance reporting tools that help companies ensure their software deployments adhere to industry standards.

It’s also adding new workflows to help DevOps teams keep track of critical vulnerabilities in their software. NeuVector sells a security platform for companies that use the open-source Kubernetes tool to manage their software container deployments.

Kubernetes is a container orchestrator that has become the de facto tool for managing such deployments. Software containers are a way to package software applications so they can run inside any information technology environment and on any hardware.

The company’s platform includes a firewall that can detect abnormal connections within the network. It also provides runtime vulnerability scanning to spot threats as they appear. Finally, it adds protection capabilities that can shut down any compromised software container as soon as a threat is spotted.

With today’s update NeuVector introduces pre-configured compliance templates that help companies to adhere to data security regulations such as the Payment Card Industry Data Security Standard or the General Data Protection Regulation. NeuVector said the templates can be customized to perform specific compliance verifications whenever they’re needed, while new templates can be created to check against any internal or other industry requirements. The tool also generates compliance auditing reports when needed.

Meanwhile, the new workflows enable DevOps teams to track critical vulnerabilities and compliance violations and test these to see if they require immediate patching or follow-up alerts. The tests, which involve scanning and inspecting containers for embedded secrets, keep track of important information such as the dates and status of the vulnerabilities that are discovered. That can help DevOps teams to organize and prioritize their response to any issues that occur, the company said.

“Releasing compliance templates and vulnerability and compliance management workflow into our platform empowers DevOps and security teams to far more efficiently and assuredly align containerized environments with crucial regulatory requirements,” said NeuVector Chief Strategy Officer Fei Huang.

Other updates announced today include the addition of granular role-based access controls to support multi-department and managed service provider deployments. In addition, the platform now integrates with Amazon Web Services Inc.’s Lambda offering to protect serverless functions from vulnerabilities. Finally, NeuVector said its platform has been integrated with the Open Policy Agent, an open-source tool that’s used to manage and query security policy as code.

Those additions will make it easier for companies to “leverage NeuVector to safeguard containerized environments across the full application lifecycle,” Huang added.

Image: typographyimages/Pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU