Container DLP capabilities protect sensitive PII and PCI data in container networks across multi-cloud and hybrid cloud environments
San Francisco, March 1, 2019 — NeuVector, the leader in container network security, today announced significant new enhancements in NeuVector 3.0 – a new version of the platform trusted to deliver highly integrated, automated, and network-aware container security for production Kubernetes and OpenShift environments. NeuVector 3.0 now provides customers with the industry’s first and only data loss prevention (DLP) engine for container security. Additionally, the NeuVector platform now includes multi-cluster management to secure multi-cloud and hybrid cloud container deployments.
With the addition of the container DLP capability, NeuVector 3.0 now offers the first true data loss/leak prevention solution that can detect personally identifiable information (PII) and other sensitive data within container network flows and prevent potential data breaches. Increasingly stringent industry regulations are forcing businesses to delineate and adhere to more comprehensive procedures for how sensitive data is handled and stored. From enterprises that process and retain payment card data (subject to PCI-DSS compliance) to those doing business with EU citizens (subject to GDPR) and beyond, the stakes – and potential fines – for protecting sensitive data have grown considerably. Container adoption has also swelled, but the highly dynamic nature of container environments has thus far made it challenging for businesses to verify precisely how sensitive data is transmitted from containers.
NeuVector’s new container DLP capability leverages deep packet inspection (DPI) and Layer-7 visibility to examine the network payloads of all connections within container and Kubernetes-orchestrated environments. It also detects the flow of sensitive and private data – such as PII and payment card information – within container traffic. The detection works even with service mesh encryption of pod-to-pod connections by Istio and linkerd2 through an integration announced last month. With this critical addition, NeuVector is the only container network security solution that features packet-level interrogation and enforcement for today’s deployments as well as future service mesh deployments. This container DLP capability is also extensible, offering enterprises the ability to detect any type of network payload for their own applications by using custom application signatures.
“Protecting sensitive data is a top concern at figo, which is why we selected NeuVector for container network security. NeuVector 3.0 with DLP to detect unencrypted credit card and other personal data in network transmissions is important for our defense in depth as well as our PCI compliance program,” said Christian Hüning, system architect, figo GmbH. “We selected NeuVector to protect containers in production because it combines network and run-time security with vulnerability management for compliance.”
NeuVector 3.0 is also introducing multi-cluster management, enabling customers to secure multi-cloud and hybrid cloud container deployments by monitoring and protecting production containers across clouds and Kubernetes clusters. Doing so simplifies the security operations for many enterprises running containers that span different clouds and clusters, and enables engineering teams to quickly and easily pinpoint and investigate potential attacks from a centralized NeuVector console.
“With these new capabilities we’re bringing brand new levels of protection to container network security, and continuing to strengthen our leading network inspection technology,” said Fei Huang, CEO, NeuVector. “Customer demand for a container DLP solution has been high and, now with NeuVector 3.0, organizations across industries that collect, store, and handle sensitive customer data within containerized environments will be much better prepared to protect that data and meet regulatory compliance requirements.”
NeuVector, the leader in Container Network Security, protects Kubernetes in production. NeuVector delivers highly integrated, automated security and is the only next-generation container firewall with packet-level interrogation and enforcement. NeuVector customers include global leaders in financial services, healthcare, transportation, publishing and other industries. NeuVector partners with Alibaba, AWS, Docker, Google Cloud, IBM, Microsoft Azure, Rancher, Red Hat, and others. Founded by industry veterans from Fortinet, VMware, and Trend Micro, NeuVector has developed patent-pending behavioral learning for container security. For more information, please go to www.neuvector.com.