SAN FRANCISCO, April 13, 2018 (GLOBE NEWSWIRE) -- Deepfence (www.deepfence.io) today announced support for securing workloads running in AWS Fargate. Deepfence came out of stealth in February 2018 and takes an application centric approach to container security. Deepfence secures the ‘inner attack surface’ of containers by protecting against complex multi-stage and multi-vector attacks.
Launched in Nov 2017, AWS Fargate represents serverless paradigm built purely using containers, therefore an enterprise no longer has to provision, configure, and scale clusters of virtual machines to run containers. Serverless paradigms like AWS Fargate built using containers essentially offload management of underlying server infrastructure to cloud service providers.
One issue that users have previously faced is that AWS Fargate does not allow elevated capabilities or privileged mode for its containers, essentially rendering most of the existing container security tools un-usable. This is where Deepfence comes in.
Deepfence’s ‘Security As a Microservice’ solution is deployed as a sidecar container when users manage their virtual machine or container based infrastructure.
“In the case of Fargate, where users do not have access to underlying infrastructure, Deepfence gets deployed as a pico-process which runs along with user’s workloads as part of the same execution unit,” said Sandeep Lahane, Deepfence’s Founder and CEO. “This pico-process is injected as part of CI/CD and is built into the container image. This is an additional way to deploy Deepfence’s semantic patching technology and with this release we protect container workloads on both managed and unmanaged infrastructures.”
Deepfence technology is different than its competitors because it does not employ third party kernel modules, library level system call interception or in-line proxies. Rather, the whole stack is built in user space in a memory safe manner; this is especially important as container security tools are supposed to get deployed on production infrastructure where users might or might not have access to underlying infrastructure like in the case of Fargate.
“A vulnerable version of Apache Struts is equally vulnerable even when it is running on Fargate and can lead to integrity breaches,” Lahane added. “Traditional security apparatus is not sufficient for these new paradigms. Weaving security in as part of applications is the only way to secure modern applications in a portable manner.”
Deepfence support for AWS Fargate is available for private beta and a free trial can be requested on their website. Deepfence team will be demonstrating AWS Fargate support at the RSA Early Stage Expo 2018 at booth #9.
Deepfence was founded in 2016 with a mission to bring fundamental advances to the field of application security. Rather than shoehorn conventional security measures for modern paradigms, Deepfence builds a superior approach from the ground up. The company’s ‘Security as a Microservice’ solution radically changes the way containers and cloud workloads are protected, and is native to the modern application and infrastructure paradigms. Deepfence team brings together deep expertise in the areas of application and network security, program analysis, machine learning, virtualization, and networking, with years of experience in industry and academia. To learn more, please visit www.deepfence.io.