{"id":17876,"date":"2020-03-17T20:26:54","date_gmt":"2020-03-18T04:26:54","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11609\/"},"modified":"2020-03-17T20:26:54","modified_gmt":"2020-03-18T04:26:54","slug":"news-11609","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2020\/03\/17\/news-11609\/","title":{"rendered":"Smart Check Validated for New Bottlerocket OS"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Tue, 10 Mar 2020 23:35:40 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Containers provide a list of benefits to organizations that use them. They\u2019re light, flexible, add consistency across the environment and operate in isolation.<\/p>\n

However, security concerns prevent some organizations from employing containers. This is despite containers having an extra layer of security built in \u2013 they don\u2019t run directly on the host OS.<\/p>\n

To make containers even easier to manage, AWS released an open-source Linux-based operating system meant for hosting containers. While Bottlerocket<\/a> AMIs are provided at no cost, standard Amazon EC2 and AWS charges apply for running Amazon EC2 instances and other services.<\/p>\n

Bottlerocket is purpose-built to run containers and improves security and resource utilization by only including the essential software to run containers, which improves resource utilization and reduces the attack surface compared to general-purpose OS\u2019s.<\/p>\n

At Trend Micro, we\u2019re always focused on the security of our customers cloud environments. We\u2019re proud to be a launch partner for AWS Bottlerocket, with our Smart Check<\/a> component validated for the OS prior to the launch.<\/p>\n

Why use additional security in cloud environments<\/strong><\/p>\n

While an OS specifically for containers that includes native security measures is a huge plus, there seems to be a larger question of why third-party security solutions are even needed in cloud environments. We often hear a misconception with cloud deployment that, since the cloud service provider has built in security, users don\u2019t have to think about the security of their data.<\/p>\n

That\u2019s simply not accurate and leaves a false sense of security. (Pun intended.)<\/p>\n

Yes \u2013 cloud providers like AWS build in security measures and have addressed common problems by adding built in security controls. BUT cloud environments operate with a shared responsibility model for security \u2013 meaning the provider secures the environment, and users are responsible for their instances and data hosted therein.<\/p>\n

That\u2019s for all cloud-based hosting, whether in containers, serverless or otherwise.<\/p>\n

 <\/p>\n

Why Smart Check in Bottlerocket matters<\/strong><\/p>\n

Smooth execution without security roadblocks<\/u><\/p>\n

DevOps teams leverage containerized applications to deploy fast and don\u2019t have time for separate security roadblocks. Smart Check is built for the DevOps community with real-time image scanning at any point in the pipeline to ensure insecure images aren\u2019t deployed.<\/p>\n

Vulnerability scanning before runtime<\/u><\/p>\n

We have the largest vulnerability data set of any security vendor, which is used to scan images for known software flaws before they can be exploited at runtime. This not only includes known vendor vulnerabilities from the Zero Day Initiative (ZDI), but also vulnerability intelligence for bugs patched outside the ZDI program and open source vulnerability intelligence built in through our partnership with Snyk<\/a>.<\/p>\n

Flexible enough to fit with your pipeline<\/u><\/p>\n

Container security needs to be as flexible as containers themselves. Smart Check has a simple admin process to implement role-based access rules and multiple concurrent scanning scenarios to fit your specific pipeline needs.<\/p>\n

Through our partnership with AWS, Trend Micro is excited to help ensure customers can continue to execute on their portion of the shared responsibility model through container image scanning by validating that the Smart Check solution will be available for customers to run on Bottlerocket at launch.<\/p>\n

More information can be found here: https:\/\/aws.amazon.com\/bottlerocket\/<\/p>\n

If you are still interested in learning more, check out this AWS blog from Jeff Barr<\/a>.<\/p>\n

The post Smart Check Validated for New Bottlerocket OS<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Tue, 10 Mar 2020 23:35:40 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Containers provide a list of benefits to organizations that use them. They\u2019re light, flexible, add consistency across the environment and operate in isolation. However, security concerns prevent some organizations from employing containers. This is despite containers having an extra layer of security built in \u2013 they don\u2019t run directly on the host OS. To make…<\/p>\n

The post Smart Check Validated for New Bottlerocket OS<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[12010,24381,11728,11146,18728,24382],"class_list":["post-17876","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-aws","tag-bottlerocket","tag-cloud","tag-cloud-security","tag-devops","tag-os"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17876","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=17876"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/17876\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=17876"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=17876"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=17876"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}