Trend Micro Extends Container Security Reach

Trend Micro is extending the reach of its container security offerings to now address the full range of the DevSecOps life cycle.

The latest updates to Trend Micro Deep Security add the ability to inspect all lateral and horizontal traffic movement between containers and platform layers such as Kubernetes and Docker.

Trend Micro is also now making it possible to employ any command shell to invoke its REST application program interfaces (APIs). Those new REST APIs are intended to make it easier to automate security operating across both container orchestration tools and runtime environments.

Additionally, Trend Micro has added support for scanning of images prior to being loaded into a container registry. Previously, Trend Micro Deep Security only scanned container images stored within a registry.

Finally, Trend Micro Deep Security will now also scan for embedded secrets such as passwords and private keys and provide compliance and configuration validation checks, along with image assertion for digitally signed images.

Mark Nunnikhoven, vice president of cloud research for Trend Micro’s VP of cloud research, says the rise of containers is now driving a massive wave of innovation across the cybersecurity sector. In addition to dealing with the fundamental ephemeral nature of containers, the platforms used to secure them need to be accessible to both developers and cybersecurity professionals, he says.

Developers increasingly are expected to make sure containers are secure as part of the quality control process. However, after containers are deployed, cybersecurity professionals need to be able to inspect them to make sure no insecure code may have been accidentally or maliciously included.

The fundamental challenge organizations face today is finding a way to make sure cybersecurity policies are enforced without slowing down the application development process. Achieving that goal requires developers and cybersecurity teams to work past a lot of animosity that has built up over the years. Cybersecurity professionals, however, have little alternative to patching things up with developers, given the chronic shortage of cybersecurity professionals. Unless developers take more responsibility for implementing cybersecurity controls, there is no way cybersecurity professionals will be able to keep pace with the rate at which modern applications are now being deployed and updated.

Nunnikhoven says Trend Micro’s contribution to enabling that rapprochement is to focus more on container cybersecurity life cycle management, which includes a REST API that developers can invoke easily.

Like most cybersecurity vendors, Trend Micro is making a case for employing a common cybersecurity framework across both modern and legacy application environments. The shift to modern cloud-native applications, however, has fostered the rise of a small army of startup cybersecurity vendors. It’s too early to say whether challengers or incumbent security vendors will carry the container security battle. However, it’s clear that when it comes to securing containers, there is no shortage of potential platforms. The challenge now is training everyone involved how to employ the best DevSecOps processes required to wield them.

Mike Vizard

Mike Vizard is a veteran IT journalist with more than 25 years of experience covering the technology industry, having previously served as Editor-in-Chief of both CRN and InfoWorld and as editorial director for Ziff-Davis Enterprise, where he oversaw titles including eWEEK, CIO Insight and Baseline. Over his career he has also edited or contributed to a wide range of enterprise technology publications, including IT Business Edge, Channel Insider, ComputerWorld, TMCNet and Digital Review, and he later led editorial for CTOEdge.com. His reporting and analysis span software development, cloud computing, cybersecurity, IT channel strategy and, more recently, artificial intelligence and DevOps practices. A recognized voice in enterprise IT journalism, Vizard is known for tracking emerging technology trends as they move from early adoption into mainstream enterprise use. He now serves as Chief Content Officer for Techstrong Group, where he oversees editorial strategy across the full network — DevOps.com, Security Boulevard, Cloud Native Now, Digital CxO, Techstrong.ai, TechStrong.IT, Techstrong Semi and PlatformEngineering.com — in addition to writing and hosting content for Techstrong TV and the Techstrong Gang podcast.

    Mike Vizard has 1813 posts and counting. See all posts by Mike Vizard