Tenable Network Security Acquires Container Security Company FlawCheck
October 26, 2016

Tenable Network Security has acquired FlawCheck, enabling the vulnerability management company to provide security for Docker containers and support organizations’ modern DevOps processes.

“Information technology is undergoing a profound change due to DevOps, containers and the mass migration of operations and infrastructure to the cloud,” said Renaud Deraison,CTO and co-founder, Tenable Network Security. “Tenable understands that next-generation technologies bring with them a range of new security challenges, which is why we are accelerating our investment in this area.”

Founded by Anthony Bettini and Sasan Padidar — who between them have previously held prominent roles at Facebook, Google, Intel and McAfee — FlawCheck helps organizations scan container images for vulnerabilities, malware and other risks. The product provides vulnerability and malware detection, along with continuous monitoring, for Docker containers, integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images to ensure every container reaching production is secure and compliant with enterprise policy.

“Containers are changing the software development and deployment process, but many organizations don’t have a way to properly maintain and secure them,” said Bettini. “FlawCheck scans containers early in the software development lifecycle to make it easier and safer to deploy them in production, and then continuously monitors them for vulnerabilities and malware. By seamlessly incorporating FlawCheck into their development and deployment processes, enterprises gain visibility into the hidden security risks present in containers, enabling fast remediation without slowing innovation cycles.”

Organizations struggle to gain visibility into container-based malware and vulnerabilities and ensure the security of production code because containers are often rebuilt and redeployed on the fly, are active on networks for only short periods of time and exist outside of normal patching processes.

“As the IT world moves from old to new software development practices, we’ve seen time-to-production decrease by orders of magnitude,” said Adrian Sanabria, senior security analyst, 451 Research. “New technologies — cloud, containers — and the speed of new processes — DevOps — are creating the need for products that are purpose-built, easily integrated and easily automated.”

“FlawCheck is an amazing product that excels at detecting threats that otherwise would remain invisible, which is critical, because you can’t remediate what you don’t detect,” said Deraison. “The unique capabilities within FlawCheck to continuously monitor container images for malware and vulnerabilities are a natural extension of the container security capabilities already available to Tenable customers. We’re now working to bring a fully integrated product to market in 2017. The creativity and experience Tony and Sasan possess make them valuable additions to Tenable and I’m excited about what their presence means for the future of this company.”

Share this

Industry News

September 23, 2021

Shortcut, the collaborative home for modern software teams, announced new Team-to-Workflow functionality.

September 23, 2021

Portainer announced the launch of its Portainer Business Charmed Operator, allowing for seamless integration with Canonical’s Charmed Kubernetes distribution.

September 22, 2021

Parasoft announced the launch and extension of its static application security testing (SAST) and API testing platform with penetration testing, shifting security testing into developer workflows.

September 22, 2021

Synopsys announced a new partnership with The Chertoff Group, a global advisory services firm that applies security expertise, technology insights, and policy intelligence to help clients build resilient organizations, gain competitive advantage, and accelerate growth.

September 21, 2021

ShiftLeft announced that its unified code security platform, ShiftLeft CORE, is now available on the AWS Marketplace.

September 21, 2021

JFrog announced its JFrog Artifactory and JFrog Xray solutions are now accredited in Iron Bank and available via Platform One.

September 21, 2021

GitKraken acquired BigBrassBand and its popular Git Integration for Jira.

September 20, 2021

D2iQ announced version 2.0 of the D2iQ Kubernetes Platform (DKP).

September 20, 2021

Platform9 joined Intel's Open Retail Initiative (ORI) and launched a new software-defined store solution.

September 20, 2021

FireMon has acquired DisruptOps.

September 16, 2021

SnapLogic released the latest version of its new SnapLogic Flows solution.

September 16, 2021

Postman launched a new version of its API Management platform.

September 16, 2021

Progress announced its R3 2021 release of Progress Telerik and Progress Kendo UI.

September 15, 2021

Progress announced the availability of Progress Sitefinity DX 14.0.

September 15, 2021

Launchable, the intelligence platform layer for all software testing, announced their latest addition to the platform, Flaky Tests Insights (beta).