UncategorizedK2 Cyber Security | Zero Day Attacks | WAF Security

Blog

April 6, 2020 By Timothy Chiu, VP of Marketing
Got Containers? Got Security?

According to a new study by Cloud Native Computing Facility (CNCF), containers have become the norm, reaching 84% use in production this year, up from 23% in CNCF’s first survey in 2016. CNCF has found that most new cloud projects use serverless, service mesh, and storage as popular ways to manage or work in conjunction with containers.  The big winner in container tools is Kubernetes with 78% use in production.  The same survey found that the biggest challenge to using containers was cultural, and the second largest challenge is security, with complexity rounding out the top 3 challenges.

If you are using containers, have you thought about security for the applications running in your containers? If you think security is being provided by your infrastructure provider (AWS, Azure, Google Cloud, etc), think again.  Infrastructure providers are invested in securing their infrastructure components, not your application running the in their cloud.  Even with their security for their infrastructure, you still need to provide security for your applications.

Or perhaps you are trusting that your edge perimeter solution, Web Application Firewalls (WAFs) or Next Generation Firewalls (NGFWs) are going to secure your application, you may be opening yourself to a breach from new sophisticated zero day attacks.   For more on why WAFs fail to protect applications check out our recent blog articles on the Capital One attack and the Equifax breach and how WAFs failed in those scenarios.

The most effective security for applications running in containers is security that monitors every action taken by the application, one that runs in the same container as the application, also referred to as a sidecar security application.  The security platform needs to monitor the application during runtime, while offering protection for new sophisticated zero day attacks including memory based attacks.

K2’s Next Generation Application Workload Protection Platform addresses these runtime security needs in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  K2 also provides attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.  Find out more about K2 today by requesting a demo, or get your free trial.

 

 

Share this

Leave a Reply

Your email address will not be published. Required fields are marked *

K2 CYBER SECURITY

K2 Cyber Security delivers the Next Generation Application Workload Protection Platform to secure web applications and container workloads against sophisticated attacks including OWASP Top 10 and memory-based attacks, and provides additional vulnerability detection. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production servers to identify the location of the vulnerable code in real-time. K2’s solution generates almost no false alerts, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools including Web Application Firewalls, and dramatically reduces security cost. K2 Cyber Security is located in the USA, and provides cyber security solutions globally.

CONTACT INFO

K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131