Shifting Left with Security Policy as Code (SPaC)
Introduction to NeuVector
Kubernetes has revolutionized how applications are deployed and managed, but it also introduces significant security challenges. This is where specialized tools and technologies come into play. NeuVector, a container security platform, is one such solution that provides comprehensive protection for Kubernetes environments.
NeuVector focuses on securing and ensuring compliance within Kubernetes ecosystems. With its approach and transition to open source, NeuVector offers a strong defense against container vulnerabilities and cyber threats.
Founded in 2015 in Silicon Valley, NeuVector was created to address the security needs of Kubernetes environments. It emerged during a time of rapid container adoption. Its founders, Fei Huang and Gary Duan, recognized the demand for a security solution capable of keeping pace with evolving container technology.
A major milestone came in October 2021 when SUSE acquired NeuVector. SUSE, a key player in open-source enterprise solutions and the developer behind Rancher, RKE, K3s, Fleet, Longhorn, Velero, and Harvester, integrated NeuVector into its ecosystem for Kubernetes security and cluster management.
"The total consideration for the acquisition is $130 million, of which $101 million is in cash from SUSE’s existing cash balances and $29 million is through the issuance of 695,853 new shares," according to the press release. This move was a strategic effort by SUSE to strengthen Rancher’s security capabilities.
In January 2022, SUSE advanced NeuVector further by releasing its source code under the Apache 2.0 license. NeuVector can be deployed independently or with Rancher and is compatible with any Kubernetes distribution.
NeuVector has established itself as a leading security solution for Kubernetes by offering real-time protection for containers, pods, and hosts. Its standout features include extensive compliance and auditing functionalities. With increasingly stringent regulations, NeuVector equips organizations with tools to maintain container security compliance. It automates security checks and generates reports aligned with standards such as:
- DISA: Security guidelines for Kubernetes from the Defense Information Systems Agency.
- GDPR: Data protection and privacy regulations for the European Union.
- HIPAA: Security protocols for protecting sensitive healthcare information.
- NIST: Cybersecurity best practices from the National Institute of Standards and Technology.
DevSecOps in Practice
A Hands-On Guide to Operationalizing DevSecOps at ScaleEnroll now to unlock current content and receive all future updates for free. Your purchase supports the author and fuels the creation of more exciting content. Act fast, as the price will rise as the course nears completion!