Protect against Log4J without patching
Learn More
Protect against Log4J without patching
Learn More

UncategorizedCloud Containers Security | Web Application Firewalls


April 6, 2020 By Timothy Chiu, VP of Marketing
Got Containers? Got Security?

According to a new study by Cloud Native Computing Facility (CNCF), containers have become the norm, reaching 84% use in production this year, up from 23% in CNCF’s first survey in 2016. CNCF has found that most new cloud projects use serverless, service mesh, and storage as popular ways to manage or work in conjunction with containers.  The big winner in container tools is Kubernetes with 78% use in production.  The same survey found that the biggest challenge to using containers was cultural, and the second largest challenge is security, with complexity rounding out the top 3 challenges.

If you are using containers, have you thought about security for the applications running in your containers? If you think security is being provided by your infrastructure provider (AWS, Azure, Google Cloud, etc), think again.  Infrastructure providers are invested in securing their infrastructure components, not your application running the in their cloud.  Even with their security for their infrastructure, you still need to provide security for your applications.

Or perhaps you are trusting that your edge perimeter solution, Web Application Firewalls (WAFs) or Next Generation Firewalls (NGFWs) are going to secure your application, you may be opening yourself to a breach from new sophisticated zero day attacks.   For more on why WAFs fail to protect applications check out our recent blog articles on the Capital One attack and the Equifax breach and how WAFs failed in those scenarios.

The most effective security for applications running in containers is security that monitors every action taken by the application, one that runs in the same container as the application, also referred to as a sidecar security application.  The security platform needs to monitor the application during runtime, while offering protection for new sophisticated zero day attacks including memory based attacks.

K2’s Next Generation Application Workload Protection Platform addresses these runtime security needs in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  K2 also provides attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.  Find out more about K2 today by requesting a demo, or get your free trial.



Share this

Leave a Reply

Your email address will not be published. Required fields are marked *


K2 Cyber Security delivers the Next Generation Application Security Platform to secure web applications and container workloads against sophisticated attacks in OWASP Top 10 and provides exploitable vulnerability detection during pre-production. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production/QA servers for interactive application security testing to identify the location of the vulnerable code. K2’s solution generates almost no false positives, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools like Web Application Firewalls and host based EDR, finds missed exploitable vulnerabilities and dramatically reduces security cost. K2 Cyber Security is headquartered in the USA and provides cyber security solutions globally.


K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131