Prelude Security has enhanced its Probes technology to help security teams run continuous security tests on all endpoints — including containers. Probes, which are tiny processes between 1KB and 2KB and don’t require root permissions to execute, can be used to test inside the container to identify known vulnerabilities.
Containers bring benefits to the organization by helping IT teams and developers quickly and consistently deploy software across multiple environments, but securing them can be a challenge because many of the security tools are not designed to run in container environments. For many, container security relied on external scanning techniques which may not be able to identify all possible issues, the company said. And application security standbys — such as penetration testing and offensive assessment — aren’t typically performed on containers.
Containers are usually internet-facing, which means security teams still need to know about vulnerabilities that may exist, as well as the likelihood of those issues being exploited. Prelude Security’s Probes run inside the container as a process alongside the core application process, and look for vulnerabilities. Probes also attempts to execute those vulnerabilities to determine whether they are exploitable.
Probes are free to use on up to 25 endpoints at a time and are available on a price-per-host basis, the company said. Probes can be installed using scripts or via a Docker extension, and a token system can be set up to address the fact that many containers are ephemeral.
Source: www.darkreading.com