Cloud workload security with the new Bitdefender GravityZone Security for Containers: protection of cloud workloads for containers and Linux environments, runtime support for container workloads, and Linux kernel independence to reduce risks and enable a faster switch to new distributions.
With the new GravityZone Security for Containers solution, Bitdefender is expanding its Cloud Workload Security (CWS) offering. The new offering now also protects the container runtime. It includes threat defense as well as Extended Endpoint Detection and Response (XEDR) and protects containers in private and public clouds against exploits. Users get a comprehensive overview and control through the unified cybersecurity platform Bitdefender GravityZone. The solution's independence from the Linux kernel helps companies switch quickly to the latest Linux distributions and avoids the security and availability risks arising from such a change. GravityZone Security for Containers is available now.
Containers as part of the digital transformation trend
As part of the accelerated digital transformation, containers are being used more and more. Gartner predicts that by 2025, 85 percent of companies will use containers in production, up from less than 30 percent in 2020. (1) This increased use makes such targets more attractive and rewarding: according to data from Bitdefender Labs, attacks on containers and Linux servers accordingly increased significantly in 2021. 71 percent of the malware can be traced back to the Linux malware Mirai, used for building a botnet, and to the Meterpreter Trojan. These results show that attackers have migrated to multiplatform attacks and are developing malware, including ransomware, specifically for Linux binaries.
Detection with Endpoint Detection and Response (EDR)
GravityZone Security for Containers supports Endpoint Detection and Response (EDR). It proactively prevents, detects or corrects risks to cloud workloads. Docker and Kubernetes containers are now also protected. Linux-native technologies for prevention and detection identify possible dangers earlier and shorten the time attackers stay in the network. The solution is easy to implement. It offers numerous advantages for cloud operation:
- Protection against runtime attacks - GravityZone Security for Containers protects containers and cloud-native workloads against Linux kernel, application zero-day and known exploit attacks in real time. At the same time, it identifies the entire context of incidents, including the container images and pods involved.
- Security for multiple distributions - GravityZone Security for Containers eliminates Linux security compatibility issues with a single, compact agent that sits on top of the Linux kernel. Traditional security tools depend on kernel modules to support security functions. This may lead to problems with security and system stability in kernel-dependent solutions. Attacks against workloads running on Linux servers may be more successful. Thanks to the kernel independence of GravityZone Security for Containers, companies can switch to the latest Linux distributions more quickly without impairing the effectiveness of the protection.
- Complete visibility and control - Bitdefender GravityZone works across platforms. This enables complete transparency and control of security across all containers and workloads in hybrid or multi-cloud environments from a single interface.
- MITRE ATT&CK® mapping - GravityZone Security for Containers maps container attacks on cloud workloads to the MITRE ATT&CK® framework. In the latest MITRE ATT&CK test, GravityZone recognized all attack techniques against Linux systems.
In a recent report, Gartner analysts Neil MacDonald and Tom Croll write, "There is no guarantee that an organization will be able to place agents in the Linux host operating system in a container-based deployment. This is increasingly the case with locked minimal kernels and some managed container services. This issue addresses an architectural option to run the CWPP (Cloud Workload Protection Platform) offering as a privileged container (or as a sidecar in Kubernetes pods and service mesh architectures)."
Cyber criminals target cloud workloads
“Cybercriminals are increasingly focusing on cloud workloads as many organizations now have data and applications residing there,” said Andrei Florescu, vice president of product management, Bitdefender Solutions Group. “As most cloud workloads are built with containers and microservices on Linux, greater visibility and control of IT security across heterogeneous hybrid cloud infrastructures is key. We developed GravityZone Security for Containers to thwart Linux attack techniques. We want to help companies become resilient when using containers for their cloud workload architecture.”
About Bitdefender
Bitdefender is a leading global provider of cybersecurity solutions and antivirus software, protecting over 500 million systems in more than 150 countries. Since it was founded in 2001, the company's innovations have consistently ensured excellent security products and intelligent protection for devices, networks and cloud services for private customers and companies. As the supplier of choice, Bitdefender technology is found in 38 percent of security solutions deployed around the world and is trusted and recognized by industry experts, manufacturers and customers alike. www.bitdefender.de