Introducing Scalock - Hello There Container World!
Welcome to Scalock’s new blog.
Scalock is officially new to the container security scene. Amir Jerbi and I (Dror Davidoff) set up Scalock to provide a solution for the many security gaps that have become apparent as containers have become more widely used. In a nutshell, we provide scalable security for the complete development-to-deployment lifecycle of containerized applications. The goal is for companies to be able to use containers for their many benefits, without compromising their application and data security.
Just a little background
Although container technology is not exactly new, it has surged in the last few years, mostly as the result of Docker, a containerization platform that has shown the most dramatic growth in this space. A recent survey showed that over 70% of enterprises are already using, or considering moving towards, virtual containers.
This is of no surprise. Container-based virtualization allows companies to reduce costs and enjoy flexibility in application development and production. IT developers favor containers because they are easy to use and scale in deployment. Developers like them because of their autonomous components; they can make changes and redeploy without breaking the working app. Meanwhile, hosting providers just love the efficient way they can offer software platforms to their customers. Sounds like it’s win-win scenario for everybody, right?
Unfortunately not. The very features of containers that make them so cost-effective and easy to use, also bring about a new set of security challenges.
Containers are vulnerable to cyber attacks in three main ways:
- Containers operate on a shared kernel, making them a scalable, but also making it easier for hackers to infect all other containers running on the same host;
- The users of virtual containers have very few controls to limit or monitor their software use, making them prime insider threats;
- Because containers are self-contained, they often include outdated, vulnerable and non-compliant components, thus putting the entire system at risk.
The reality is simple. The flexibility and scalability of containers, although a developer’s dream, requires organizations to monitor and manage a process that is always in motion; containers aren’t fixed and thus require different kinds of measures to secure them.
Nevertheless, companies are still looking to deploy containers to cut costs and reduce overheads. Often they are fully aware of the security risks, but they simply do not have the necessary tools or know-how to secure all their vulnerabilities.
That’s where Scalock can help!
Securing every stage of the container lifecycle
Scalock provides a comprehensive security solution for virtual containers by adding visibility and control to containerized environments, enabling organizations to scale-out without security limitations even on a very large scale. We support major container platforms, including Docker, CoreOS, VMWare and Microsoft Windows.
Scalock secures virtualized containers on every level: containers, hosts and applications. We isolate containers based entirely on an organization’s needs, and monitor them following best security practices and the information we have learned from observing how each container runs.
Containers have made software development and deployment so much more simple. The possibilities as we move into the future have the potential to be endless, but only if we solve the issue of security. Our goal is to create a seamless and scalable solution that allows containers to continue to do what they do best.
Docker world, here we come
In a few days, we will be boarding a plane to the beautiful city of Barcelona to participate in DockerCon Europe. DockerCon Europe 2015 is a two-day Docker-centric conference where Developers, DevOps, Ops, System Administrators and C-level executives can meet and talk about what they love most - containers. There’s also an impressive lineup of speakers, including Aanand Prasad (Docker), Jason McGee (IBM), Andrey Sibiryov (Uber) and John Fiedler (SalesforceIQ), to name just a few.
The Scalock team have been looking forward to this event for some time. It is a fantastic opportunity to meet hundreds of Docker users, exchange ideas on their growing security needs and showcase Scalock’s solution.
It is also a great chance to meet other companies in the the Docker ecosystem. The container industry is developing at lightning speed, and there are constantly new startups that are developing in the areas of container management, databases and networking. DockerCon is the perfect place for us to meet other companies in the field to create potential partnership. We are already working with several companies, such as Sumo Logic and Code Fresh, and we hope to partner with other container solutions.
We’ll be soaking up the Docker madness and will no doubt enjoy every minute. If you find yourself at DockerCon next week, feel free to drop by our booth in the startup pavilion for the chance to learn more about Scalock.
Better still -- Get to the
#DockerCon party in style! Join our free tour of Barcelona which ends at the party. Tickets at our booth.
Looking forward to continuing to share our blogs with you as we begin this exciting journey.
The Scalock Team!