Business security technology company, Tenable Network Security, has acquiredFlawCheck, claiming to become the first vulnerability management company to provide security for Docker containers and support organizations’ modern DevOps processes.
Renaud Deraison, Chief Technology Officer and Co-Founder, Tenable Network Security said, “Information technology is undergoing a profound change due to DevOps, containers and the mass migration of operations and infrastructure to the cloud. Tenable understands that next-generation technologies bring with them a range of new security challenges, which is why we are accelerating our investment in this area.”
FlawCheck helps organizations scan container images for vulnerabilities, malware and other risks. The product provides vulnerability and malware detection, along with continuous monitoring, for Docker containers, integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images to ensure every container reaching production is secure and compliant with enterprise policy.
Anthony Bettini, Co-Founder & CEO, FlawCheck said, “Containers are changing the software development and deployment process, but many organizations don’t have a way to properly maintain and secure them.”
“FlawCheck scans containers early in the software development lifecycle to make it easier and safer to deploy them in production, and then continuously monitors them for vulnerabilities and malware. By seamlessly incorporating FlawCheck into their development and deployment processes, enterprises gain visibility into the hidden security risks present in containers, enabling fast remediation without slowing innovation cycles.”
According to Tenable, enterprises struggle to gain visibility into container-based malware and vulnerabilities and ensure the security of production code because containers are often rebuilt and redeployed on the fly, are active on networks for only short periods of time and exist outside of normal patching processes. As the IT world moves from old to new software development practices, there is time-to-production decrease by orders of magnitude. New technologies — cloud, containers — and the speed of new processes — DevOps — are creating the need for products that are purpose-built, easily integrated and easily automated.
“The unique capabilities within FlawCheck to continuously monitor container images for malware and vulnerabilities are a natural extension of the container security capabilities already available to Tenable customers,” said Deraison.
“We’re now working to bring a fully integrated product to market in 2017. The creativity and experience Tony and Sasan possess make them valuable additions to Tenable and I’m excited about what their presence means for the future of this company.”