Bitdefender (bitdefender.com), a global cybersecurity leader, today announced GravityZone Security for Containers, expanding its cloud workload security (CWS) offering with run-time support for containers and Linux kernel independence. The new solution delivers threat prevention, extended endpoint detection and response (XEDR) and anti-exploit protection for containers running in private and public clouds with comprehensive visibility and control through GravityZone, the company’s unified cybersecurity platform. New Linux kernel independence helps businesses move to the latest Linux distributions without the delays caused by dependencies commonly imposed by cybersecurity providers.
GravityZone Security for Containers provides a full stack solution supporting EDR and CWS, with an unmatched ability to prevent, detect and remediate threats against cloud workloads (including Docker and Kubernetes containers). Bitdefender Linux-native prevention and detection technologies identify threats earlier and reduce adversary dwell time.
The use of containers has grown rapidly, speeding application delivery and digital transformation initiatives. Gartner predicts that by 2025, 85 percent of organizations will run containers in production, up from less than 30 percent in 2020. In addition to delays in moving to new Linux distributions, traditional security tools may generate increased risk due to their dependence on kernel modules to support security functions. This can create security and system stability challenges, resulting in workloads running on Linux servers being exposed to greater attack success.
In a recent report, Gartner analysts Neil McDonald and Tom Croll write,“There is no guarantee that an enterprise will be able to place agents in the Linux host OS in a container-based deployment. This is increasingly the case with locked-down minimal kernels and with some managed container services. The answer is to provide an architectural option to run the CWPP (cloud workload protection platform) offering as a privileged container (or as a sidecar in Kubernetes pods and service mesh architectures).”
So far in 2021, Bitdefender Labs, the company’s elite global team of security researchers, investigators and reverse malware engineers, has seen a marked increase in attacks aimed at containers and Linux servers with 71 percent of malware attributed to Mirai and Meterpreter. It is now clear that adversaries have migrated to multi-platform attacks, developing malware (including ransomware) specifically for Linux binaries.
GravityZone Security for Containers is easy to deploy and offers several benefits for cloud operations and teams including:
• Unmatched protection against runtime attacks -- GravityZone Security for Containers protects containers and cloud-native workloads against Linux kernel, application zero-day and known exploit attacks in real-time and identifies the full context of incidents including which images and pods were involved.
• Multi-distribution security -- GravityZone Security for Containers eliminates Linux security compatibility challenges via a single, lightweight agent that sits above the Linux kernel enabling organizations to update to the latest Linux distributions faster without sacrificing security efficacy.
• Complete visibility and control -- Bitdefender GravityZone is multi-platform and enables complete security visibility and control over all containers and workloads across hybrid or multi-cloud environments from a single dashboard.
• MITRE ATT&CK® mapping -- GravityZone Security for Containers maps cloud workload container attacks to the MITRE ATT&CK® Framework. In the most recent MITRE ATT&CK test, GravityZone detected 100 percent of attack techniques against Linux systems.
"As we continue moving workloads to the cloud, it is imperative our security extends across all our environments including physical and virtual machines, multiple-clouds, hybrid and containers,” said Timothy Du Four, vice president and director of information technology at Greenman-Pedersen. “With Bitdefender, we have visibility into security issues and are proactive and better protected because GravityZone provides us with improved detection and alerting over our entire footprint.”
“Cybercriminals are increasingly focusing attacks on cloud workloads because that is where data and applications now reside for many organizations,” said Andrei Florescu, vice president of product management, Bitdefender Solutions Group. “With most cloud workloads built using containers and microservices running on Linux, extending security visibility and control across heterogeneous hybrid-cloud infrastructures is paramount. We built GravityZone Security for Containers to defend against Linux attack techniques and help businesses become resilient as they embrace containers for their cloud workload deployment architecture."
 Gartner, Gregor Petri, David Smith, Sid Nag, Henrique Cecci, Yefim Natis, David Cearley, Michael Warrilow “Predicts 2021: Building on Cloud Computing as the New Normal” December 14, 2020
 Gartner, Neil McDonald and Tom Croll,“Market Guide for Cloud Workload Protection Platforms” July 12, 2021