NeuVector, a provider of Kubernetes security solutions delivering a multi-vector container firewall, has released NeuVector 2.0. The enhanced security solution adds important new capabilities that include a Kubernetes incident response system alongside advanced process and file system protections to secure against new attack vectors.
Enterprises would require fast and decisive responses when security incidents and potential attacks occur within Kubernetes deployments. NeuVector 2.0 deploys within an organization’s existing security processes to “rapidly” address and mitigate ongoing container threats.
When NeuVector detects threats and vulnerabilities, the new auto-response rules – built to address common container attacks and security alerts – would instantly provide response actions to protect containers and generate alerts. These rules can also be customized to match criteria such as specific container vulnerability profiles, or set to address suspicious activity across multiple threat vectors – including the container network, processes, or file system.
Detecting Exploits
NeuVector 2.0 provides a “unique” range of incident responses, with full capabilities to quarantine compromised containers, generate custom notifications, and whitelist non-critical events. Using NeuVector 2.0, enterprises can fully address container security events and protect their applications, container services, and infrastructure from multi-vector attacks.
“The highly dynamic nature of Kubernetes environments makes robust and responsive threat automation a critical requirement to enterprise security,” said Fei Huang, CEO of NeuVector. “The release of NeuVector 2.0 offers rapid detection and response that addresses security threats as they occur while protecting systems from process and filesystem-based attacks. We focus on continually automating the real-time security of Kubernetes deployments for enterprises using our solution.”
Automated protections
NeuVector 2.0 also adds new automated protections that detect exploits within containers, such as suspicious processes or file system activities. The security solution automatically calculates a baseline of container processes, whitelists legitimate activity, and alerts on any deviation from the baseline. Any installation of malicious packages, libraries, or new executables – or any modification to sensitive files – triggers NeuVector to scan the container for vulnerabilities and alert on the suspicious activity. These automatic protections do not require configuration but do allow for “easy” customization of whitelist/blacklist rules as desired.
The new capabilities would bolster NeuVector’s multi-vector firewall by adding deeper insights into activities within Kubernetes deployments, further safeguarding containers from process and file system attack vectors.
