Bitdefender GravityZone Security for Containers Defends Against Linux Attack Techniques

Bitdefender, a worldwide provider of cybersecurity solutions, has launched GravityZone Security for Containers, which adds run-time support for containers and Linux kernel module independence to its cloud workload security (CWS) solution. GravityZone Security for Containers was created by Bitdefender to protect organizations from Linux attack methods and help them become more robust when they use containers for cloud workload deployment architecture.

Through GravityZone, Bitdefender’s unified cybersecurity platform, the newly developed solution provides threat prevention, extended endpoint detection and response (XEDR), and anti-exploit protection for containers running in private and public clouds, as well as complete visibility and management. The new Linux kernel independence enables companies to upgrade to the newest Linux distributions without the delays caused by cybersecurity provider requirements.

GravityZone Security for Containers is a full-stack solution that supports EDR and CWS and offers the highest capacity to prevent, detect, and mitigate threats to cloud workloads (including Docker and Kubernetes containers). Bitdefender’s Linux-native prevention and detection solutions would detect attacks faster and decrease the amount of time an adversary spends on the system.

Linux Servers, Vulnerabilities

Containers have become more popular, allowing for faster application delivery and digital transformation projects. According to Gartner, 85 percent of companies will use containers in production by 2025, up from less than 30 percent in 2020. Traditional security solutions, which rely on kernel modules to perform security tasks, may introduce additional risk on top of the time it takes to switch to new Linux versions. As a result, workloads operating on Linux servers may be more exposed to successful attacks, raising security and system stability issues.

In a recent report, Gartner analysts Neil McDonald and Tom Croll write, “There is no guarantee that an enterprise will be able to place agents in the Linux host OS in a container-based deployment. This is increasingly the case with locked-down minimal kernels and with some managed container services. The answer is to provide an architectural option to run the CWPP (cloud workload protection platform) offering as a privileged container (or as a sidecar in Kubernetes pods and service mesh architectures).”

So far in 2021, Bitdefender Labs, the company’s elite worldwide team of security researchers, investigators, and reverse malware developers, has witnessed a significant surge in attacks against containers and Linux servers, with Mirai and Meterpreter accounting for 71% of malware. It is now obvious that attackers have shifted their focus to multi-platform assaults, creating malware (including ransomware) tailored to Linux binaries.

According to Bitdefender, its GravityZone Security for Containers solution is simple to set up while providing a number of advantages for cloud operations and teams, including the following:

  • Protection against runtime attacks – GravityZone Security for Containers defends containers and cloud-native workloads in real-time against Linux kernel, application zero-day, and known exploit threats, as well as identifying the complete context of incidents, such as which images and pods were involved.
  • Multi-distribution security – With a single, lightweight agent that resides atop the Linux kernel, GravityZone Security for Containers removes Linux security compatibility issues, allowing companies to update to the newest Linux distributions quicker without compromising security efficacy.
  • Complete visibility and control – Bitdefender GravityZone is a multi-platform security solution that provides comprehensive visibility and control over all containers and workloads in hybrid and multi-cloud environments from a single dashboard.
  • MITRE ATT&CK mapping – The MITRE ATT&CK Framework is used by GravityZone Security for Containers to map cloud workload container threats. GravityZone identified 100 percent of attack methods against Linux systems in the most recent MITRE ATT&CK test.

“Cybercriminals are increasingly focusing attacks on cloud workloads because that is where data and applications now reside for many organizations,” said Andrei Florescu, vice president of product management, Bitdefender Solutions Group. “With most cloud workloads built using containers and microservices running on Linux, extending security visibility and control across heterogeneous hybrid-cloud infrastructures is paramount. We built GravityZone Security for Containers to defend against Linux attack techniques and help businesses become resilient as they embrace containers for their cloud workload deployment architecture.”

Bitdefender, which was founded in 2001, has clients in 170 countries and offices all over the world. Bitdefender Labs, which invests heavily in research and development, would detect 400 new threats every minute and verify 30 billion threat queries every day. Antimalware, IoT security, behavioral analytics, and artificial intelligence are among the company’s innovations. Its technology is licensed by more than 150 of the world’s most well-known technology companies.