TMCnet News
Aporeto Launches First Comprehensive Microservices Security SolutionAporeto, a Zero Trust security solution for microservices, containers and the cloud, today announced the release of Aporeto (News - Alert) Enterprise 2.0. Aporeto's security platform introduces a new contextual application identity for every application component or process as a new security control point to better protect cloud-native enterprise applications - a challenging environment that strains legacy security approaches. Aporeto enables a complete set of security capabilities required for securing microservices and cloud applications across network security, application programing interface (API) access control, runtime threat and vulnerability management, and identity management. These security capabilities are powered by the combination of distributed security policy and the Aporeto application identity, a multi-attribute contextual identity for any application component created and managed by the Aporeto platform. As businesses aggressively transition their IT infrastructure to the cloud in pursuit of speed and agility, they're learning their legacy security is painfully tethered to complex, static networks and infrastructures. Meanwhile, microservices, containers and serverless technologies are allowing enterprises to build and deploy applications with ever increasing speed. But security teams have diminishing control and visibility into what is happening with these applications, especially as they become distributed across public, private and hybrid cloud infrastructures. Enabling the business to move fast and to the cloud requires rethinking of static, perimeter-centric security and moving to a more dynamic and automated Zero Trust security model. Containers are not inherently unsecure, but they are being deployed in an unsecure manner by developers, with little or no involvement from security teams and not much guidance from security architects, according to Gartner. Traditional host-based and network security solutions are blind to containers. Container security solutions protect the entire life cycle of containers from creation into production, and most container security solutions provide preproduction scanning combined with runtime monitoring and protection. Aporeto's approach is based on the Zero Trust principles that assumes everything is accessible all the time and any part of the infrastructure could be compromised at any time. With a Zero Trust mindset, security teams regain effective conrol and visibility of cloud-native applications by making security automated, scalable and infrastructure agnostic. This model stands in stark contrast to traditional approaches to security that provide static, infrastructure-dependent protection that is tightly coupled to the network and must constantly be reconfigured to address application needs. "We've learned from our customers that cloud-native technologies are really testing the assumptions of legacy security models, so we've evolved Aporeto to address the complete set of requirements for securing microservices," said Jason Schmitt, CEO, Aporeto. "While network security, container threat, and vulnerability management are critical components of comprehensive microservices security, they're just part of the solution for operating securely in Zero Trust environments. APIs and identity in particular are areas of cloud-native applications that are often overlooked and underserved in most security programs." Aporeto secures applications across hybrid and multi-cloud deployments by leveraging application identity - a multi-attribute contextual identity for any application component created and managed by the Aporeto platform. Unique identities for each application resource allow Aporeto to automatically create distributed security policies and enforce security at a granular process level. Because the policy enforcement is based on identity and decoupled from the network and infrastructure, the security protection moves and scales with the application regardless of where it runs. At runtime, the addition of behavioral analysis and vulnerability data enriches the application identity to create dynamic security visibility and protection. Key features of Aporeto Enterprise 2.0 include:
Aporeto Enterprise 2.0 is available immediately as SaaS (News - Alert) or on-premise. For more information or to schedule a demo, please visit this website. About Aporeto Aporeto is a Zero Trust security solution for microservices, containers and the cloud. Fundamental to Aporeto's approach is the principle that everything in an application is accessible to everyone and could be compromised at any time. Aporeto uses identity context, vulnerability data, threat monitoring and behavior analysis to build and enforce authentication, authorization and encryption policies for applications. With Aporeto, enterprises implement a uniform security policy decoupled from the underlying infrastructure, enabling workload isolation, API access control and application identity management across public, private or hybrid cloud. For more information, check out www.aporeto.com or www.twitter.com/aporeto. View source version on businesswire.com: https://www.businesswire.com/news/home/20180327005428/en/ |