PHOTO
The next generation of Kaspersky Hybrid Cloud Security now safeguards software development operations (DevOps) environments. The product has been updated to enable protection for containers and has added container, image and repository scanning capabilities for integration with continuous integration and delivery pipelines (CI/CD). Also, to support businesses use of a wide range of public cloud platforms, Kaspersky Hybrid Cloud Security adds protection for Google Cloud.
Supply-chain attacks that affect software development, such as when a malicious piece of code is added to legitimate software, are effective tools for cybercriminals. For example, this method was used in a ShadowPad attack where a backdoor was embedded into a popular legitimate business software product’s code library. Supply-chain attacks also strike open source repositories, such as when Docker Hub found 17 backdoored container images, or when RubyGems caused users to download 725 malicious packages almost 100,000 times.
Protection from such supply-chain attacks is essential for software developers, although it can be hard to find an effective security tool because validating the integrity of fast-changing development environments on-demand is often technically challenging. A cybersecurity solution should also not affect an application’s time to market or the overall flexible approach to IT that DevOps is accustomed to, such as being able to scale cloud workloads up and down or use different open source tools.
Kaspersky Hybrid Cloud Security reconciles the two worlds – DevOps and IT security. It helps businesses to integrate security tools into the development process to minimize the risk of container compromise and supply-chain attacks, without impacting development speeds.
The product now enables Docker containerization environments to be protected through granular AV scanning. Using file threat protection, it scans containers and images and all their layers to reveal threats. The scanning can be performed as objects are accessed in the namespaces of running containers (on-access scan, OAS) and within tasks with flexible scope control (on-demand scan, ODS). It also allows kernel memory scanning. Added network and web threat protection ensures safe internet traffic and the prevention of network attacks on Linux hosts and containers.
Screenshot of container scan task settings: selection of containers and images for scanning, setting up actions on threat detection and enabling/disabling scanning by layers
Kaspersky Hybrid Cloud Security safeguards the use of public repositories and prevents supply-chain poisoning. Software developers can add security steps into continuous integration and continuous delivery (CI/CD) pipelines including TeamCity or Jenkins Pipeline, among others. Integration is available via command-line and application programming interfaces (CLI and API) that allow developers to run scripts in pipeline management tools, for container and repository image scanning at different stages.
Users of public cloud platforms for software development and other business needs can choose from more options, as the product can now be integrated with Google Cloud – in addition to existing offerings, such as AWS and Microsoft Azure. Kaspersky Hybrid Cloud Security can be seamlessly extended to a customer’s workloads in Google Cloud. Security management for cloud environments is available through a single control panel in Kaspersky Security Center.
“Continuous software development is a unique environment that needs a specific cybersecurity approach. To stay nimble, DevOps may go as far as bypassing formal IT approval processes, making it a challenge to build cybersecurity into the development journey. However, it is important to leverage containers securely to reduce the risk of unknowingly embedding malicious code into software, as was found in the RubyGems attack and other cases. Kaspersky Hybrid Cloud Security helps businesses find a way out of this challenge through a win-win scenario where IT security and DevOps cooperate. The solution provides understandable tools for DevOps that don’t affect their processes; and it helps IT security teams to put in place a proven protection layer for the part of the infrastructure that may not yet be covered,” comments Andrey Pozhogin, Senior Product Marketing Manager, Kaspersky.
More information about Kaspersky Hybrid Cloud Security and DevOps protection can be found on the product page.
About Kaspersky
Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
For further information please contact:
Sweta Fernandes, Account Executive, Golin, KasperskyTeam@golin.ae
© Press Release 2020
Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.
The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.
To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.
