Kaspersky is updating two applications of its Hybrid Cloud Security, the protection solution for virtualization and cloud environments. The new version of Kaspersky Endpoint Security for Linux optimizes protection against exploits and ransomware attacks.
Furthermore, it offers protection for DevOps by supporting new containerized environments and a native integration of protection mechanisms for Docker containers. In addition, Kaspersky Security Center Cloud Console now supports public cloud platforms, making it easier to manage the protection of cloud workloads.
Kaspersky analyzes show that dedicated protection of Linux servers is essential - regardless of whether they are on-premise or cloud-based. Advanced cyber threats are particularly dangerous for Linux, since critical applications often run on these servers or are used as access points to endpoints for Windows and iOS. For example, in the summer of 2020, a provider of digital workplace and printer solutions fell victim to the Linux ransomware 'RansomEXX', which encrypted data and resulted in a failure of company services.
New: application control for Linux workloads
To protect against these types of threats, Kaspersky has added 'Application Control' for Linux workloads to its Hybrid Cloud Security solution. This is intended to prevent the execution of unauthorized or unknown and therefore potentially dangerous application files. Policies can be defined for running applications that meet the security requirements of the company. This includes, among other things, creating a list of applications that may not be launched. This means that only those applications that have been specified before can be started. Furthermore, administrators can set additional policies for individual machines or machine groups.
The new 'Executable Software Inventory' feature creates a list of all applications by path, hash and type. This is used to create and assign categories and as a preparatory stage for setting up application control.
Extended protection for Linux and containers
Kaspersky Endpoint Security for Linux also optimizes protection for DevOps to make it easier for customers to integrate security measures into the development cycle of a product. In addition to Dockers, the solution now also scans containers and images within containerized environments as well as Cri-O, Podman and runC, thereby protecting endangered assets.
Structure of Kaspersky Hybrid Cloud (Image: Kaspersky).
The update of the Kaspersky solution also makes product distribution and configuration easier for Docker users. Customers can now integrate Kaspersky Endpoint Security for Linux as a container in the very environment they want to protect. The service of a scan-on-demand (ODS) is possible via RESTful API.
Security management for SaaS version
The new version also includes updates for security management as the SaaS version of the Kaspersky Security Center console is available for managing the security of workloads in the public clouds Amazon Web Service, Microsoft Azure and Google Cloud. It is offered and maintained by Kaspersky, which saves customers time and money in product distribution.
“Cloud environments are widespread in companies and cybersecurity cannot lag behind here,” explains Christian Milde, Managing Director Central Europe at Kaspersky. “Our solution helps companies set up clouds securely and meet their requirements. Comprehensive Linux protection is essential as organizations need adequate protection for all the platforms and endpoints they use. They also want to save their teams' resources so that they can concentrate on other tasks, such as service and distribution. Our cloud console meets these requirements. In DevOps, one of the key challenges facing organizations is how to seamlessly integrate security into automated pipelines, so we focus our efforts on making this process as convenient as possible.”
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/