Alert Logic, the leading provider of Security-as-a-Service solutions, has announced the industry’s first network intrusion detection system (IDS) for containers, available in Alert Logic Cloud Defender and Threat Manager solutions. This innovation brings organisations powerful new capabilities to inspect network traffic for malicious activity targeting containers and faster detection of compromises to enhance the security of workloads running on the AWS Cloud.
The Alert Logic network IDS capability supports containers deployed on AWS including Docker, Amazon Elastic Container Service, Kubernetes, CoreOS and AWS Elastic Beanstalk. Support for additional cloud-deployed containers will be available before the end of the year. The Alert Logic incident console can also now display which containers and hosts might be compromised along with the associated metadata.
Containers enable organisations to leverage the low overhead, power, agility and security of virtualisation with the improved benefit of portability. While the container market is growing fast given these benefits, with an estimated CAGR of 40% through 2020 according to 451 Research, many businesses have delayed container adoption and the related cost and time benefits due to security concerns. Until now, the security industry hasn’t provided the critical ability to inspect the network traffic that targets containers.
“Without real-time detection capabilities, attackers and intruders can lurk within containers installing trojans, malware, ransomware and cryptominers or even corrupting and exfiltrating data,” said Chris Noell, Senior Vice President, Engineering at Alert Logic. “Network intrusion detection is critical to providing the visibility into container attacks that other approaches miss. With Alert Logic, organisations can confidently move forward with their container deployments knowing that they are protected by the only security solution in the market that addresses container visibility at the network layer.”
Customers and partners adopt new network IDS capabilities for containers
Accesso Technology, a best-in-class e-commerce, point of sales and ticketing solution provider, helps its clients increase sales and streamline operations and is an early adopter of Alert Logic’s container security innovation.
“As Accesso continues to focus on our industry-leading technology and security infrastructure, we need to ensure our containerised environment is protected without introducing additional complexity,” said William DeMar, Director, Information Security, Accesso Technology. “With Alert Logic, we have extended IDS security monitoring and detection to the container level and have gained more granular visibility into our container environments across multiple cloud platforms. Alert Logic partnered with us to get up and running quickly and their team of security analysts and consultants proactively escalates incidents so we can prioritise our team’s efforts.”
Wealth Wizards is another Alert Logic customer using the new network IDS capability for containers.
“We’re writing products our financial services clients want today, which means we need to build software really quickly,” said Richard Marshall, Head of Platform, Wealth Wizards. “We run in a 100% container environment, using Kubernetes and Docker. Security is a big priority for us, but we need to keep our engineering team focused on delivering the best experience for our clients. With Alert Logic we can concentrate on our core business while being safe in the knowledge we have security experts covering the operational side for us.”
Logicworks, a cloud automation and managed services company, partners with Alert Logic and has extended network IDS for containers capabilities to its customers. “Although container technology is relatively new, it’s already a ‘go to’ code deployment strategy for Logicworks,” said Steven Zeller, Vice President, Product Marketing for Logicworks. “Containers help our customers work smarter, and Logicworks ensures that our customers’ containers run securely and efficiently on AWS. Alert Logic’s container security solutions give our customers confidence in the continuous security of their cloud infrastructure.”
Products and services approach
The Alert Logic container security solutions work by analysing the signature of data packets as they traverse the container environment to detect cyberattacks in real-time and provide a graphical representation of the compromised container and its relationships. The intrusion detection capabilities for containers are fully managed by Alert Logic’s 24×7 security and compliance experts in the company’s Security Operations Centres. When a container threat is detected, Alert Logic’s security experts prioritise the threat, proactively escalate within 15-minutes, provide visual context, and offer remediation advice for customers.