More security in cloud environments through container scanning. Sophos Cloud Optix now also identifies vulnerabilities in container images and enables automated reactions.
Sophos is expanding its cloud analysis solution, Sophos Cloud Optix, and offers additional security for container assets in multi-cloud environments with the ability to scan container images. With the new extension, potentially dangerous operating system weaknesses in container images can be identified and automatically remedied.
Increased demand for cloud services
Over the past year, the increased demand for cloud services has prompted many IT and security teams to accelerate their cloud migrations. In addition to an efficient and secure strategy for application provision in the cloud, companies must also pay attention to the sometimes complex configuration and the assignment of rights for access to the cloud infrastructure. This is the only way to use the cloud securely and avoid compliance problems. With Sophos Cloud Optix, companies and MSPs are able to monitor their cloud environments and at the same time initiate automated reactions to detected incidents.
Popular container
Containers are a scalable and portable cloud technology that is particularly useful for building, testing, and deploying applications in the cloud. It is used, for example, when developers want to move an application from a test environment to a production environment. This is largely done through publicly accessible container images, which are available to accelerate development work. Compared to virtual machines (VMs), containers don't run a full operating system. All the data needed to run the container is provided by the container image, so a single container can be used to run a single software process through to more complex applications.
Sophos Cloud Optix for more protection
Sophos Cloud Optix helps prevent security breaches by providing both visibility of container assets and scans to identify potentially exploitable vulnerabilities in container images. Container images can be scanned prior to deployment to prevent vulnerability threats. Newer image versions are also identified that have potential gateways for cyber criminals.
As soon as the container registrations are linked to Sophos Cloud Optix, the user receives details about the scans carried out, the images in the scan queue and the identified vulnerabilities. The image scan process is automatically repeated on a regular basis to identify vulnerabilities and available fixes for container images. Alerts can be sent directly to development teams via Jira, ServiceNow, Slack, and Microsoft Teams integrations to fix the issues.
Sophos Cloud Optix scans container images for security vulnerabilities
- Amazon Elastic Container Registries (ECR)
- Microsoft Azure Container Registrations (ACR)
- Docker Hub Registrations
- IaC environments (Bitbucket and GitHub)
- Images in build pipelines (using the Cloud Optix API)
More at Barracuda.com
About Sophos More than 100 million users in 150 countries trust Sophos. We offer the best protection against complex IT threats and data loss. Our comprehensive security solutions are easy to deploy, use and manage. They offer the lowest total cost of ownership in the industry. Sophos offers award-winning encryption solutions, security solutions for endpoints, networks, mobile devices, email and the web. In addition, there is support from SophosLabs, our worldwide network of our own analysis centers. The Sophos headquarters are in Boston, USA and Oxford, UK.