McAfee, the device-to-cloud cybersecurity company, announced the acquisition of NanoSec, a multi-cloud, zero-trust application and security platform. The acquisition will enable organizations to improve governance and compliance and to reduce risk of their cloud and container deployments.
The acquisition of NanoSec will strengthen the container security capabilities of McAfee MVISION Cloud and MVISION Server Protection products, giving its customers the ability to speed up application delivery while enhancing governance, compliance and security of their hybrid, multi-cloud deployments.
NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings.
These capabilities include continuous configuration compliance and vulnerability assessment as well as runtime application-level segmentation for detecting and preventing lateral movement of threats.
“NanoSec’s technology is a natural extension for McAfee MVISION Cloud, enhancing our current CASB and CWPP products, and adding to our ‘Shift-Left’ capabilities to deliver on the DevSecOps best practice to improve governance and security,” said Rajiv Gupta, senior vice president and general manager of the cloud security business unit, McAfee.
“NanoSec’s team brings a wealth of experience to McAfee, and together we are committed to enabling organizations to reach their full cloud potential.”
“Joining forces with McAfee means that our groundbreaking capabilities including our unique application-identity based approach for app-level protection and micro-segmentation will be available on a global scale,” said Vishwas Manral, founder and CEO of NanoSec.
“McAfee has demonstrated not only its leadership in cloud security, but its desire to continually innovate and deliver new capabilities that reshape how organizations can operate workloads and applications safely in the cloud.”
McAfee’s acquisition of NanoSec further demonstrates how McAfee is working to integrate security natively into DevSecOps processes and toolsets to discover and address security issues before applications are deployed.
Organizations are increasingly looking to adopt container technologies to help modernize legacy applications and create new cloud-native applications that are scalable and agile.
Gartner predicts that “by 2022, more than 75% of global organizations will be running containerized applications in production, which is a significant increase from fewer than 30% today.”
Gartner recommends the following security and governance best practice, “security can’t be an afterthought. It needs to be embedded in the DevOps process, which Gartner refers to as ‘DevSecOps’. Organizations need to plan for securing the containerized environment across the entire life cycle, which includes the build and development process, deployment and run phase of an application.”