McAfee announced McAfee MVISION Cloud for Containers, thereby becoming the first unified cloud security platform to integrate container security with its Cloud Access Security Broker (CASB) and Cloud Security Posture Management (CSPM) security solution. Leveraging NanoSec’s zero trust application visibility and control capabilities for container-based deployments in cloud environments, the solution provides customers with the ability to speed up application delivery while enhancing the governance, compliance and security of their container workloads.
Container security has long been treated as separate from other Infrastructure as a Service (IaaS) security solutions, requiring evaluation, investment and management of multiple, niche products thus increasing total cost of ownership and complexity and reducing security. McAfee MVISION Cloud for Containers integrates Cloud Security Posture Management (CSPM) and Vulnerability Scanning for container workloads into the existing McAfee MVISION Cloud platform to give customers a unified cloud security solution where consistent security policies can be implemented across all forms of cloud IaaS workloads.
McAfee MVISION Cloud integrates with DevOps tools, helps users “shift-left” to pre-emptively improve compliance and secure container workloads by running security audits in the DevOps pipeline and providing security incident data directly back to the development teams. Additionally, McAfee MVISION Cloud also continuously monitors the production deployments of these container workloads to ensure configuration drift does not compromise the security of the applications.
McAfee MVISION Cloud for Containers provides:
- Cloud Security Posture Management (CSPM): integrate Configuration Audit checks for containerized workloads to ensure the container platforms run in accordance with CIS and other best practice compliance standards. This is designed to ensure security checks for the complete container stack including the configuration of the virtual machine the container runs on, as well as the storage, network, and other Platform as a Service (PaaS) services the container may be accessing.
- Vulnerability Scanning of container images: identify and prevent the use of weak or exploitable components of the container images. This reduces the overall risk profile of the application by minimizing the attack vectors.
- “Shift Left” DevOps Integration: perform CSPM and Vulnerability Scanning checks earlier in the application development lifecycle. Identify risk and provide meaningful feedback to developers within the build process. Additionally, continuously monitor and prevent configuration drift on production deployments of the container workloads.
Rajiv Gupta, senior vice president of Cloud Security, McAfee, said, “McAfee MVISION Cloud for Containers extends our leading data security, threat prevention, governance, and compliance capabilities of the MVISION Cloud platform to now cover containers in addition to SaaS, IaaS, and PaaS environments. By delivering consistent security across an organization’s cloud stack and by integrating that security natively into DevOps processes and toolsets to discover and address security issues before applications are deployed, McAfee is further extending its leadership in the cloud security space and providing more proof of its commitment to help customers leverage the power and security of the cloud.”