Introducing Sophos container image scanning
For the details behind these headlines, and to see how your country stacks up, read The State of Cloud Security 2020 report. Secure the cloud with Sophos. However you’re using the public cloud, Sophos can help you keep it secure. Secure all your cloud resources. Get a complete inventory of multi-cloud environments (virtual machines, storage. Sophos Cloud Security Posture Management Easily identify cloud resource vulnerabilities, ensure compliance, and respond to threats faster. Asset and network traffic visibility for AWS, Azure, and Google Cloud Risk-based prioritization of security issues with guided remediation.
95% of all new applications are now using containers (source: 451 Research), and while popularity is growing for containers, attackers have been busy exploiting vulnerabilities and there have been many incidents of container security breaches including elevation of privileges and allowing malware to be installed.
Sophos Cloud Security Software
Sophos Cloud Optix transforms your public cloud security posture. Delivering the continuous analysis and visibility needed to detect, respond, and prevent hidden security and compliance gaps that leave organizations exposed. Sophos Cloud Security Free Trial Sophos protection for AWS, Azure and Google Cloud Platform secures cloud infrastructure, data, access roles and configurations from the latest threats. Sophos XG Firewall: All-in-one firewall and synchronized communication with. Sophos Central is the unified console for managing all your Sophos products. Sign into your account, take a tour, or start a trial from here.
Sophos Cloud Optix has now been enhanced to provide both visibility of container assets and scanning to identify exploitable weak points in container images – helping prevent security breaches. With Cloud Optix, organizations can scan container images pre-deployment to prevent threats from operating system vulnerabilities and identify newer versions of the image containing fixes.
This approach enables security teams to enable fast and secure development by enabling DevOps teams to scan container images for security vulnerabilities in the following locations:
- Amazon Elastic Container Registries (ECR)
- Microsoft Azure Container Registries (ACR)
- Docker Hub registries
- IaC environments (Bitbucket and GitHub)
- Images in your build pipeline (using the Cloud Optix API)
Container image scanning is easy to setup with no additional license required as container images count towards existing licensed assets. Read more about Sophos container security in our help guide.
Test Sophos container image scanning free today from the free trials page with Sophos Central
More updates for Cloud Optix
Sophos Cloud Security Free
The latest release for Sophos Cloud Optix goes beyond container image scanning, with new automated remediation abilities to prevent security misconfigurations in cloud environments and more:
Sophos Cloud Security
- Webhooks: You can now use webhooks to integrate with systems for remediation, reporting, and other functions. Sophos Cloud Optix provides native integration for a variety of systems, for example Jira, Slack, Teams, and so on. If you’re using different system, or want to trigger your own remediation functions, you can use webhooks to send alerts an http endpoint in your environment.
Read help guide here. - ‘Operational Status enhancements: On the ‘Environments’ page, for each AWS, Azure and GCP environment, you can now see the operational status of Flow Log ingestion and Activity Log ingestion.
- ‘Unused’ Azure NSG filter enhancement: In the inventory (Azure Network Security Groups page), the ‘Unused’ filter now considers the following additional Azure services that Security Groups can be assigned to, in addition to VMs: SQL Server, DB Server, CosmosDB, App Service, Function App, Storage Account.
- New date range filter: The date range selector on key screens in the Cloud Optix console, including Dashboard, Alerts and Activity logs, has been replaced with a new, more flexible selector. Choose from a range of ‘commonly used’ date range options or select a custom date range using the calendar.
- Compliance policy tags for alerts: Security monitoring alerts from compliance policy rules have an associated ‘Compliance Tag’ to identify the policies that the rule belongs to. Compliance tags are now included on the Alert details popup modal. You can also now link directly from the alerts list to a policy details page, by clicking on a compliance tag in the list.