McAfee Takes Integrated Approach to Container Security

McAfee combines elements of container security, cloud security, posture management and cloud workload protection to help application developers build secure and compliant software.

Karen D. Schwartz, Contributor

December 14, 2019

2 Min Read
securing data in a safe
Getty Images

McAfee this week announced a cloud-based container security platform that integrates with its CASB and CSPM security solutions.

By integrating its Cloud Security Posture Management (CSPM), Cloud Access Security Broker (CASB) and vulnerability scanning for container workloads into its MVISION platform, the McAfee MVISION Cloud for Containers can help application developers ensure that container workloads are secure and compliant. The platform allows DevOps teams to perform CSPM and vulnerability scanning checks earlier in the application development life cycle, and continuous monitoring helps prevent "configuration drift" on production deployments of container workloads, according to the company.

McAfee MVISION Cloud also integrates with the tools that the application development and DevOps teams use to build software. This automates the process and helps ensure that configuration vulnerabilities are eliminated.

"It's about making sure that hardened container configurations are deployed to production," explained Doug Cahill, a senior analyst at ESG. "It's important to make sure that when you push containers to production, you have wrung out known vulnerabilities."

The ability to automate the inspection of container images for known vulnerabilities at build time is a critical component of this solution, Cahill said, because containers today don't live that long.

It also puts security front and center for application development—something that hasn't been done much in the past.

"Security has too often been an afterthought where we think about it after applications are in production. Something like this allows us to think about security earlier in the life cycle," he said.

Through the integration of CSPM, the platform checks to ensure that container platforms run in accordance with CIS and other best practice compliance standards. At the same time, automating security checks can speed up the process by eliminating manual testing.

What McAfee is doing by combining elements of container security, cloud security, posture management and cloud workload protection is noteworthy, Cahill said.

"We're seeing point tools converge into cloud security platforms, and that helps teams work together. It makes cloud security more efficient for the DevOps team, the security team and the compliance team to work together," he said.

About the Author

Karen D. Schwartz

Contributor

Karen D. Schwartz is a technology and business writer with more than 20 years of experience. She has written on a broad range of technology topics for publications including CIO, InformationWeek, GCN, FCW, FedTech, BizTech, eWeek and Government Executive

https://www.linkedin.com/in/karen-d-schwartz-64628a4/

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like