SentinelOne Announces Automated Application Control for Cloud and Container Security
September 18, 2020SentinelOne, the autonomous endpoint protection company, today announced a new Automated Application Control Engine designed to secure cloud and containerized workloads without human intervention. The new automated engine automatically secures containers at runtime against known and unknown threats, eliminating the need to manually maintain allow-lists, preserving cloud and container workload’s immutable states while also defending against modern threats such as malware, cryptojacking, and zero-days.
“Organizations need cloud security solutions that can secure their cloud assets at the speed of business,” said Guy Gertner, VP Product Management, SentinelOne. “It is critical to defend cloud and container workloads, but any solution that impacts the flexibility, speed, and agility of development defeats the whole purpose of going cloud. SentinelOne distinctly understands the need to secure the cloud without interference, and we are happy to deliver a cloud security solution that furthers our customers’ IT and business objectives.”
One of the defining principles of cloud-native workloads is their self-contained architecture – they are built from immutable images containing everything the application needs to run. While security is a concern, any proposed security solution must not disturb the workload’s dynamic nature. Most container solutions today rely on creating allow-lists, white-listing everything that is cleared to run in the container, and identifying anything else as a threat to be mitigated. However, these existing solutions are flawed: whether pre-deployment scanning or learning during runtime, today’s container security products either inhibit agility, require too much labor or miss legitimate threats.
The SentinelOne solution offers a default deny mode for containers to prevent unauthorized changes to production workloads. The engine requires no special configurations and does not add complexity or delay to the software delivery chain. Designed to protect container workloads from the get-go, whether they run as Kubernetes pods or as plain containers in Docker servers, the engine is enabled with one simple click and deploys in seconds.
The Application Control Engine feature is available in Kubernetes and Linux 4.4 workload agents.