TMCnet News
NRI Secure Launches Japan's First IT Security Assessment Service for Container OrchestrationNRI SecureTechnologies, Ltd. (NRI Secure) today launched Japan's first1 IT security assessment service for systems with container orchestration2, that uses the leading container orchestration tool "Kubernetes."3 This service provides IT security assessment for a system using container orchestration technology from the viewpoints of both "static analysis" by interpreting configuration files, and "dynamic analysis" by attempting simulated attacks. The assessment consists of manual inspection by engineers of NRI Secure who have expert knowledge of container orchestration as well as several tests using auxiliary inspection tools. This service detects security issues by checking the validity of the information on the configuration file, and the architecture configuration generated by container orchestration. In addition to the independent inspection of each configuration file, a comprehensive and highly accurate assessment is performed to check whether the configuration state is appropriate or not by looking at the entire architecture. This enables us to detect security issues at the design phase that are often overlooked by the inspection tool alone. Followed by Kubernetes, NRI Secure plans to add more container orchestration tools to the scope of this IT security assessment service. In recent years, as DX (digital transformation) has become more widespread, the need for greater flexibility and speed in system development has increased, and the design concepts and infrastructure technologies that support these requirements have been rapidly evolving. In particular, microservice4, which develops applications by splitting them into services and functions, and other system development that presuppose deployment of cloud-native5 and serverless6 architectures are becoming more common. One of the technologies that underpin these architectures is an application execution environment called a container. The eergence of container orchestration tools that automatically deploy, scale, and so on has increased the adoption of containers when building systems. On the other hand, since containers are a new technology area, there is a high possibility that the system is operating with a weak configuration since security measures are not yet fully in place. To deal with increasingly intense cyber threats and attacks, it is necessary to take appropriate security measures, such as access and privilege management, with a view to the entire system architecture, as well as vulnerability measures for the container itself. NRI Secure will continue to provide various products and services in response to trends and threats of the times for supporting companies and organizations in their information security measures, contributing to promoting digital transformation for a safe and secure society. ____________________________
1 Japan's first:
2 container orchestration:
3 Kubernetes:
4 Microservice:
5 cloud-native:
6 serverless:
About NRI SecureTechnologies NRI SecureTechnologies is a subsidiary of Nomura Research Institute (NRI) specializing in cybersecurity, and a leading global provider of next-generation managed security services and security consulting. Established in 2000, NRI Secure is focused on delivering high-value security outcomes for our clients with the precision and efficiency that define Japanese quality. For more details, visit us at https://www.nri-secure.com. View source version on businesswire.com: https://www.businesswire.com/news/home/20191128005588/en/ |