VMware has expanded its VMware Carbon Black Cloud Workload capabilities to help InfoSec and DevOps teams secure containerized applications in Kubernetes environments.
The new capabilities let InfoSec and DevOps teams incorporate security into the continuous integration and delivery (CI/CD) pipeline, VMware said. That way, these teams can analyze and control application risks before they are deployed into production.
Kubernetes Container Security: Key Capabilities
The new VMware Carbon Black Cloud Workload capabilities include:
- Compliance Policy Automation: Enables InfoSec and DevOps teams to automate policy creation against industry standards and organizational requirements
- Container Image Scanning and Hardening: Lets InfoSec and DevOps teams scan container images to identify vulnerabilities and restrict the registries and repositories allowed in production
- Risk Assessment: Allows InfoSec and DevOps teams to review images running in production and deploy approved images
- Security Posture Dashboard: Shows vulnerabilities and misconfigurations across Kubernetes workloads
VMware Carbon Black Cloud Workload container image scanning and CI/CD integration capabilities will be available in April 2021. In addition, VMware Carbon Black Cloud Workload runtime security for detection and response will be available later in 2021.
What Is VMware Carbon Black Cloud Workload?
VMware Carbon Black Workload Cloud combines vulnerability assessment and workload hardening with next-generation antivirus (NGAV), workload behavioral monitoring and endpoint detection and response (EDR), the company stated. It enables security and infrastructure teams to protect workloads running in virtual data center environments.
Security and infrastructure teams can use VMware Carbon Black Cloud Workload to prioritize vulnerabilities based on the Common Vulnerability Scoring System (CVSS), real-life exploitability and frequency of attack, the company said. The solution also provides risk scores and links to the National Vulnerability Database.
Furthermore, security and infrastructure teams can leverage VMware Carbon Black Cloud Workload to gain insights into operations hygiene, indicators of compromise (IOCs), malicious tactics, techniques and procedures (TTPs) and other system events, the company noted. The solution helps these teams understand vulnerability context and find ways to reduce risk and harden their workloads.