Trend Micro has announced its advanced container security solution Cloud One – Container Security. The new service helps developers minimize application downtime across their Kubernetes environments, from a single tool.

The solution scans at build time for the earliest possible detection and lowest cost remediation. In addition, through partnership with Snyk there is a scan against the open source vulnerability database. This provides early detection and mitigation of vulnerabilities in third-party code dependencies.

Cloud One – Container Security will look for vulnerabilities in the packages included in the container; detect malware using signatures and advanced machine learning techniques; find embedded secrets such as passwords, API tokens, or license keys; and sweep for IoCs using Yara rules.

Container security enables you to create policies that allow or block deployments based on set rules. Native integration with Kubernetes ensures that all deployments run in a production environment are safe.

Once an image has been deemed safe and is deployed into production, Cloud One Container Security will protect the container in the runtime environment. This offers ongoing vulnerability detection for the containerized application and provides relevant feedback to security and DevOps teams in case further action is needed.