UPDATED 23:51 EDT / OCTOBER 30 2016

NEWS

Tenable Network Security buys FlawCheck to seal up leaky software containers

Cyber-security firm Tenable Network Security Inc. is betting on the rise of containers, which allow applications to run on any computer. But ensuring the security of containers deployed usingDevOps, a method of speeding up deployment of information technologies in companies, has been a particular challenge.

That’s why Tenable recently acquired the San Francisco-based startup FlawCheck. Tenable, which is based in Columbia, Md., is a startup itself, one of several cyber-security firms that have sprung up in the shadow of the nearby National Security Agency in recent years. The company’s security platform is built around its Nessus network vulnerability scanner, which is available as both a cloud and on-premises vulnerability scanning and management solution.

As for FlawCheck, it was founded just last year to provide tools for scanning application container images for malware and other security vulnerabilities. FlawCheck’s very specific approach provides for continuous monitoring of Docker containers, which ties in very nicely with the continuous integration and deployment tools used by DevOps teams as they build their images. FlawCheck’s software helps to ensure that containers running production workloads remain isolated from one another, and therefore stay compliant with enterprise security policies.

Leading container companies such as Docker Inc. have focused on leveraging Linux kernel features, including control groups and namespaces, in their security efforts. That has provided a basic level of defense against cyber-threats. Isolation is another key part of container security. But Tenable says all those efforts are not nearly enough.

“Users need to take additional steps to lock down the [Linux] kernel, reduce the attack surface of the Docker daemon [the background process that answers requests for services] and harden the container configuration to have a truly secure setup,” the company said in a blog post earlier this year.

Tenable’s acquisition of FlawCheck comes at a time when containers are helping to rapidly accelerate DevOps processes. For example, these days containers are often redeployed on the fly, generating a need for DevOps teams to be able to automate the process of scanning them for vulnerabilities first.

FlawCheck cofounder Anthony Bettini said the startup’s scanning tool is designed to give DevOps teams greater visibility into container security by enabling the continuous monitoring of software development and container deployments.

“Containers are changing the software development and deployment process, but many organizations don’t have a way to properly maintain and secure them,” Bettini said in a statement. “FlawCheck scans containers early in the software development lifecycle to make it easier and safer to deploy them in production, and then continuously monitors them for vulnerabilities and malware. By seamlessly incorporating FlawCheck into their development and deployment processes, enterprises gain visibility into the hidden security risks present in containers, enabling fast remediation without slowing innovation cycles.”

Tenable is likely to release an updated IT security platform in 2017 that incorporates FlawCheck’s container scanning abilities, Bettini added.

Image credit: Ben_Kerckx via pixabay

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.