NeuVector 2.0 Announced
April 12, 2018

NeuVector announced NeuVector 2.0, an enhanced security solution that further protects Kubernetes environments by building on the unique NeuVector run-time security automation, which combines east-west traffic visibility with container process monitoring and vulnerability scanning.

NeuVector 2.0 adds important new capabilities that include a Kubernetes incident response system alongside advanced process and file system protections to secure against new attack vectors.

Enterprises require fast and decisive responses when security incidents and potential attacks occur within Kubernetes deployments. NeuVector 2.0 deploys within an organization’s existing security processes to rapidly address and mitigate ongoing container threats. When NeuVector detects threats and vulnerabilities, the new auto-response rules – built to address common container attacks and security alerts – instantly provide response actions to protect containers and generate alerts. These rules can also be customized to match criteria such as specific container vulnerability profiles, or set to address suspicious activity across multiple threat vectors – including the container network, processes, or file system. NeuVector 2.0 provides a unique range of incident responses, with full capabilities to quarantine compromised containers, generate custom notifications, and whitelist non-critical events. Using NeuVector 2.0, enterprises can fully address container security events and protect their applications, container services, and infrastructure from multi-vector attacks.

NeuVector 2.0 also adds new automated protections that detect exploits within containers, such as suspicious processes or file system activities. The security solution automatically calculates a baseline of container processes, whitelists legitimate activity, and alerts on any deviation from the baseline. Any installation of malicious packages, libraries, or new executables – or any modification to sensitive files – triggers NeuVector to scan the container for vulnerabilities and alert on the suspicious activity. These automatic protections do not require configuration but do allow for easy customization of whitelist/blacklist rules as desired. The new capabilities bolster NeuVector’s multi-vector firewall by adding deeper insights into activities within Kubernetes deployments, further safeguarding containers from process and file system attack vectors.

“The highly dynamic nature of Kubernetes environments makes robust and responsive threat automation a critical requirement to enterprise security,” said Fei Huang, CEO, NeuVector. “The release of NeuVector 2.0 offers rapid detection and response that addresses security threats as they occur, while protecting systems from process and file system-based attacks. We focus on continually automating the real-time security of Kubernetes deployments for enterprises using our solution.”

The Latest

July 17, 2018

In my first blog in this series, I highlighted some of the main challenges teams face with trying to scale mainframe DevOps. To get past these hurdles, the key is to develop an incremental approach that enables teams to capture value along each step of the journey ...

July 16, 2018

The key to mainframe DevOps success is in quickly identifying and removing major bottlenecks in the application delivery lifecycle. Major challenges include collaboration between mainframe and distributed teams, lack of visibility into the impact of software changes, and limited resource flexibility with scaling out necessary testing initiatives. Now let's take a closer look at some of these key challenges and how IT departments can address them ...

July 11, 2018

How much are organizations investing in the shift to cloud native, how much is it getting them? ...

July 10, 2018

In the shift to cloud native, many organizations have adopted a configuration-as-code approach. This helps drive up application deployment velocity by letting developers and DevOps teams reconfigure their deployments as their needs arise. Other organizations, particularly the more regulated ones, still have security people owning these tools, but that creates increased pressure on the security organization to keep up. How much are organizations investing in this process, and how much is it getting them? ...

June 28, 2018

More than a third of companies that use serverless functions are not employing any application security best practices and are not using any tools or standard security methodologies to secure them, according to the State of Serverless Security survey, conducted by PureSec ...

June 27, 2018

The popularity of social media platforms and applications is spurring enterprises to adopt "social business" models to better engage with employees and customers and improve collaboration, according to a new study published by ISG ...

June 25, 2018

The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

June 21, 2018

DevSecOps is quickly gaining support and traction, within and beyond information security teams. In fact, 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps, according to a new survey of 80 security professionals by Aqua Security ...

June 20, 2018

The larger the company size, the higher the proportion of low IT performers, according to the State of DevOps: Market Segmentation Report from Puppet, based on the 2017 State of DevOps Survey data ...

June 18, 2018

An overwhelming 83 percent of respondents have concerns about deploying traditional firewalls in the cloud, according to Firewalls and the Cloud, a survey conducted by Barracuda Networks...

Share this