Mend.io Launches Mend Container
While cloud-native development brilliantly solves problems related to scalability and effective resource use, a more complex architecture and new security challenges come along for the ride as well.
The added layer of abstraction of container architecture can make tracking down vulnerabilities and poorly stored secrets, assessing true risk, and enforcing policies difficult for security teams using only traditional AppSec tools. And customary “shift left” approaches miss the vulnerabilities that sneak in during the containerization process.
Meanwhile, containers are still prey to the same tool issues as their non-cloud brethren, namely large alert volume, much of it being the noise of vulnerabilities that are unreachable at runtime.
94 percent of all companies worldwide use cloud software, so securing cloud-native applications has never been more important. That’s why we’re excited to announce the launch of Mend Container.
Mend Container
Using state-of-the-art reachability analysis, Mend Container extends the features of Mend SCA into the container runtime environment and adds entirely new areas of security risk detection and mitigation unique to cloud-native applications.
Mend Container adds key features and benefits to Mend SCA including:
- Container reachability – Identify which vulnerable files and methods are being called at runtime without the need to install runtime agents.
- Secrets detection – Identify credentials, passwords, keys, and certificates being exposed or handled inappropriately, putting your applications at risk.
- Kubernetes cluster scanning – Effortlessly scan all of running container images within Kubernetes clusters to easily find and label containers that are actually in use and deployed.
- Development to deployment coverage – Comprehensive container security coverage for cloud native applications starting with static image scans in the pipeline using Mend SCA all the way to container behavior analysis for security risks in runtime with Mend Container.
Cloud use has increased year over year and shows no signs of stopping yet. While cloud architecture brings new security challenges to AppSec, Mend.io is here to help organizations rise to meet them.