VMware has announced new container runtime security capabilities to enhance its end-to-end security offering for cloud-native workloads in a VMware Carbon Black Cloud Container Advanced Bundle. VMware aims to build on the capabilities of the VMware Carbon Black Container solution released in April 2021. VMware’s security offering helps customers better secure modern applications at scale with its security solutions spanning the entire application lifecycle, leveraging the company’s expertise in workloads, security and Kubernetes.
According to VMware, 97 percent of technology leaders say they have concerns about Kubernetes security, with one in five citing securing containerized workloads at runtime as their biggest concern.
Runtime security challenges for containerized applications include how to allow only legitimate traffic in, how to enable least-privileged communications between services and defend against the lateral movement of attackers, and how to validate that the workload itself is operating within the expected guardrails.
VMware’s container runtime security capabilities now include runtime cluster image scanning, which enables security and DevOps teams to automate runtime vulnerability scanning and customize policies to reduce risk and ensure images used in running containers are secure. An integrated alerts dashboard helps security teams view events and address anomalies in their runtime environment. Kubernetes visibility mapping helps teams understand the architecture of an application that was set pre-deployment, to better identify egress destination connections, potential workload policy violations and vulnerable images.
Other security capabilities include workload anomaly detection that utilizes AI to standardize networking modules and alert SecOps teams to any deviation from that module. Its egress and ingress security capabilities give security teams added visibility into the external source that is reaching out to the Kubernetes service and make it easier to detect malicious egress connectivity based on the IP address and the behavioral data. VMware’s threat detection helps customers scan open ports to check for vulnerabilities and quickly see if there is a lateral attack in progress.