Kaspersky has launched a full-featured solution for containerised environments – Kaspersky Container Security (KCS) at GITEX.
It secures containerised application at all stages, from development to operation. The product is ready to go directly after installation, low-cost, and easy to deploy and integrate into the company’s IT infrastructure. Together with Kaspersky Hybrid Cloud Security, it forms a security ecosystem for hybrid and cloud infrastructures.
Containerisation is becoming an increasingly popular choice in software development, as it helps developers to create and deploy high-profile applications more quickly. The main advantage of the technology is its autonomy, which is reflected in its name.
Like bagged cargo on a container ship, separate from the ship itself but moving within it, the container holds everything needed to develop, deliver and deploy an application (microservice) – the binary code, associated configurated files, libraries and dependencies. That makes containerised applications easily portable, highly reliable and capable of being run by distributed teams.
Containerised environments need protection, as the number of cyber incidents grow. To counter this problem, Kaspersky launched Kaspersky Container Security, a specialised solution for containerised environments designed to protect businesses that already use or plan to implement containers. The product provides security for all stages of containerised application development. Besides the development process, the solution protects runtime, for example, it controls the launch of only trusted containers, the operation of application and services inside the containers, and monitors the traffic.
There are three main components in Kaspersky Container Security: ‘KCS scanner’, ‘KCS agent’, and managing ‘KCS server’:
- The KCS scanner checks configuration files for misconfigurations, scans images for vulnerabilities, malware, sensitive data, and checks them for accordance with assurance policies within the image registry and CI/CD platforms.
- The KCS agent ensures protection from various attacks on the application in the container, monitors container and network interactions in clusters, and checks the whole system for compliance with security standards.
- The managing KCS server aggregates the data received from the scanner and the agent, allows customers to visualise data and to generate reports, and integrates with other security solutions (e.g., SIEMs like Kaspersky’s KUMA).
Kaspersky Container Security easily integrates into DevSecOps framework of organisation, CI/CD* pipelines and infrastructure. It can strengthen DevOps protection both for companies with developed DevSecOps processes and for companies that only begin to implement them. The solution also allows predictable deadlines to be set for the application to be released due to the automation of security and compliance checks on all the stages.
“Containerisation is the new normal, but its risks are not covered by traditional endpoint or virtual machine security solutions. It requires specific solutions. Therefore, we are launching Kaspersky Container Security (KCS), a solution that protects containerised application during its life cycle including runtime, the most vulnerable area. KCS helps our customers to build the DevSecOps process, where security is ensured at every stage of development. This launch is an important step towards one of Kaspersky’s key goals – to provide comprehensive protection to all types of digital assets of our customers. We are happy to introduce it at GITEX,” comments Timofey Titkov, Head of Cloud & Network Security Product Line at Kaspersky.