Containerized applications bring many benefits: they are a fast way to deploy software across multiple computing environments. But securing containers is a challenge, since their unique attributes, particularly their ephemeral nature, mean that security professionals have treated them differently from other endpoints.
Penetration testing and offensive assessment, for example, are rarely performed on containerized systems, notes Spencer Thompson, co-founder and CEO of Prelude Security. That’s a problem, since containers are still internet-facing devices and can have the same vulnerabilities.
Prelude Security’s latest enhancement to its Probes product offering is designed to help CISOs by letting users run continuous security tests on production endpoints — whether they’re running Linux, macOS, Windows, or are containerized.
Granular vulnerability testing for containers
The company’s Probes — which are tiny processes, between 1KB and 2KB in size — will now function properly in containerized environments, enabling far more accurate and granular vulnerability testing than was previously possible, according to a company announcement Wednesday. Each probe can actively test for known CVEs and report back to a central web console.
Probes are dormant most of the time, according to Thompson, and don’t require root permissions to function. They can be installed using scripts or via a Docker extension.
The use of even a small-process agent lets Prelude not only identify potential vulnerabilities but also determine whether those vulnerabilities are exploitable, as Probes will attempt to exploit any they find in a non-invasive way.