Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Expanding Vulnerability Management to Container Security: FlawCheck Joins Tenable

Today marked a significant milestone, as Tenable Network Security announced the acquisition of FlawCheck, a company that Sasan Padidar and I founded in early 2015. We built FlawCheck to address the difficulty of detecting security risks, at scale, in the world's largest data centers. As we engaged with some of the largest companies on their next-generation data center security challenges, we honed in on container environments as an area particularly fraught with issues.

As organizations seek to accelerate their innovation cycles to deliver better products to customers, DevOps and containerized software are becoming the norm. In fact, a recent survey found 53% of companies had either deployed or were in the process of evaluating containers.

Vulnerabilities are being inadvertently introduced into production

But with new technologies and processes come new challenges. Most notably, vulnerabilities are being inadvertently introduced into production through these nascent DevOps processes – a significant blind spot for security teams. An additional challenge is that in container environments, the role of security operations often changes, with the development team typically taking responsibility for both provisioning and vulnerability remediation.

This is the challenge we have addressed with FlawCheck and are excited to continue working on at Tenable. The product today serves as a private registry for container images, automatically scanning images for vulnerabilities and malware as they’re built, before they can reach production, and continuously monitoring them thereafter. By integrating with the continuous integration and continuous deployment (CI/CD) systems that build container images, it helps ensure production code is secure and compliant with enterprise policy.

The stakes for enterprise security are only growing, as containers deliver more of the world’s digital innovation every day.

The stakes for enterprise security are only growing, as containers deliver more of the world’s digital innovation

Bringing the FlawCheck team, technology, and product to Tenable is an exciting move. This acquisition marks many firsts. For the industry, it is the first acquisition of a container security company. For Tenable, it is the company’s first acquisition in its storied 14 year history, and its first entrance into the application security space. It's a thrilling time to be in technology and the FlawCheck team is honored to join Tenable.

The combined Tenable/FlawCheck team is now working to bring a fully integrated container security offering to market in early 2017.

In the meantime, enterprise security professionals and developers can register for a free trial of FlawCheck. As we move forward, we'll provide additional details on our product strategy and offerings. Best wishes on your container journey!

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io Vulnerability Management

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now and run your first scan within 60 seconds.

Buy Tenable.io Vulnerability Management

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.