DockerCon EU 2017 Recap: Security, Kubernetes, and MTA Hej from Copenhagen! I’ve had the privilege of spending the last few days here at an incredible DockerCon EU. With thousands of attendees from hundreds of companies converging on the City of Spires, it’s clear that the Docker community is thriving across the world. Here are some of the highlights we saw this week. Docker Continues to Grow by Leaps & Bounds At his morning keynote, Steve Singh, CEO of Docker, highlighted the state of the Docker ecosystem, with 21 million hosts running Docker and more than 24 billion (!
Today we are excited to announce that version 1.3 of the StackRox platform is now generally available. Every new release adds a number of significant features, but 1.3 in particular enables greater flexibility, configurability, and scalability when securing some of the world’s largest enterprises running containers in production. We previously wrote that threat protection in container environments has to start with visibility and detection. This release delivers several advancements to detection rules, policies, and deployment automation that enable StackRox to discover a broader set of threats, faster.
In this new blog post by Crate.io, read about how they are using StackRox to secure CrateDB Clusters on Docker. StackRox complements the authentication, access controls, and encryption added in Crate 2.0 Enterprise Edition with comprehensive threat coverage for well-known attack vectors on containerized database applications. The post discusses why security is important for a database like CrateDB, and how to use StackRox to protect your data – walking you through the deployment process.
We’re pleased to present the second video in our demo series. Watch the video below to learn about StackRox alert stories, helping security analysts examine events and data required for enforcement and responsive action. We’ll take a look at how StackRox focuses on techniques all attackers require to move and take action in an environment.
It should come as no surprise that behind the rapid adoption of Docker containers are a set of slam-dunk cost and operational benefits. According to Docker, enterprise IT budgets are heavily consumed by maintenance and upkeep of legacy applications on the order of 80%. Containers drastically change that equation, and the customers that leverage them are realizing massive improvements in resource utilization, resulting in a 50%-60% drop in virtual machines (VMs)– and ultimately, hypervisor licenses– required to run the refactored application.
Container technology is fundamentally changing the way incident response (IR) is handled within the enterprise, and it is putting agile organizations back in a position of strength against their attackers. Microservices and containers comprise an infrastructure that can be leveraged as a security orchestrator and responder, which allows for radical improvements in both the scale and speed of threat detection, response, and prevention. IR in a traditional environment Today’s systems have become too distributed, integrate too many programs, and present too many attack surfaces for security analysts to thwart attacks effectively.
We’re pleased to begin our video demo series walking you through the StackRox platform. Our first video features a look at our map view and visibility features. This allows security teams to quickly understand what’s impacting their infrastructures, and gain a clear view of the risk across their overall environment.
On Tuesday, I had the honor of speaking about “Bringing the fight back to your security team,” at Structure Security 2017. My panel was comprised of former U.S. Government cybersecurity leaders who are now in the private sector, helping defend enterprises against attacks. Acknowledging that we’re flooded with breaches – with a record-breaking 4 billion personal records stolen by hackers in 2016 – we discussed strategies to turn the tide.
Enterprise organizations across diverse verticals, such as 3M, Adobe, Kellogg’s, and Netflix, have been ramping up their use of the public cloud to the point where that usage accounts for a substantial portion of their annual IT spend. ‘Enterprises with big budgets, data centers, and complex applications are now looking at cloud as a viable place to run core business applications’, according to Dave Bartoletti, an analyst at Forrester Research.
By now, details of the massive Equifax breach that saw 143 million personal records compromised has made its way around the global news, as well as the broader security and enterprise IT communities. Within these circles, you can bet that anyone responsible for resolving application vulnerabilities is worried about becoming the next headline. There’s little argument that patching applications is a big deal; both in terms of criticality to the organization’s security posture, and in terms of the onerous process it can be when performed in traditional application environments.