Alert Logic announced the network intrusion detection system (IDS) for containers, available in Alert Logic Cloud Defender and Threat Manager solutions. This innovation brings organizations capabilities to inspect network traffic for malicious activity targeting containers, and detection of compromises to enhance the security of workloads running on the AWS Cloud.
The Alert Logic network IDS capability supports containers deployed on AWS including Docker, Amazon Elastic Container Service, Kubernetes, CoreOS, and AWS Elastic Beanstalk.
Support for additional cloud-deployed containers will be available before the end of the year. The Alert Logic incident console can also now display which containers and hosts might be compromised along with the associated metadata.
Containers enable organizations to leverage the overhead, power, agility, and security of virtualization with the improved benefit of portability.
While the container market is growing given these benefits, with an estimated CAGR of 40% through 2020 according to 451 Research, many businesses have delayed container adoption and the related cost and time benefits due to security concerns. Until now, the security industry hasn’t provided the ability to inspect the network traffic that targets containers.
“Without real-time detection capabilities, attackers and intruders can lurk within containers installing trojans, malware, ransomware and cryptominers or even corrupting and exfiltrating data,” said Chris Noell, Senior Vice President, Engineering at Alert Logic.
“Network intrusion detection is critical to providing the visibility into container attacks that other approaches miss. With Alert Logic, organizations can confidently move forward with their container deployments knowing that they are protected by the only security solution in the market that addresses container visibility at the network layer.”
Customers and partners adopt network IDS capabilities for containers
Accesso Technology helps its clients increase sales and streamline operations and is an adopter of Alert Logic’s container security innovation.
“As Accesso continues to focus on our industry-leading technology and security infrastructure, we need to ensure our containerized environment is protected without introducing additional complexity,” said William DeMar, Director, Information Security, Accesso Technology.
“With Alert Logic, we have extended IDS security monitoring and detection to the container level and have gained more granular visibility into our container environments across multiple cloud platforms. Alert Logic partnered with us to get up and running quickly, and their team of security analysts and consultants proactively escalates incidents so we can prioritize our team’s efforts.”
Wealth Wizards is another Alert Logic customer using the network IDS capability for containers.
“We’re writing products our financial services clients want today, which means we need to build software really quickly,” said Richard Marshall, Head of Platform, Wealth Wizards.
“We run in a 100% container environment, using Kubernetes and Docker. Security is a big priority for us, but we need to keep our engineering team focused on delivering the best experience for our clients. With Alert Logic we can concentrate on our core business while being safe in the knowledge we have security experts covering the operational side for us.”
Logicworks partners with Alert Logic and has extended network IDS for containers capabilities to its customers. “Although container technology is relatively new, it’s already a ‘go to’ code deployment strategy for Logicworks,” said Steven Zeller, Vice President, Product Marketing for Logicworks.
“Containers help our customers work smarter, and Logicworks ensures that our customers’ containers run securely and efficiently on AWS. Alert Logic’s container security solutions give our customers confidence in the continuous security of their cloud infrastructure.”
Products + Services Approach
The Alert Logic container security solutions work by analyzing the signature of data packets as they traverse the container environment to detect cyberattacks in real-time and provide a graphical representation of the compromised container and its relationships.
The intrusion detection capabilities for containers are managed by Alert Logic’s security and compliance experts in the company’s Security Operations Centers. When a container threat is detected, Alert Logic’s security experts prioritize the threat, provide visual context, and offer remediation advice for customers.