Container Security Software

NGINX, a business unit of F5 Networks, powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX has built a suite of infrastructure…

Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable.io, a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible…

Lacework in San Jose delivers security and compliance for the cloud. The Lacework Cloud Security Platform is cloud-native and offered as-a-Service; delivering build-time to run-time threat detection, behavioral anomaly detection, and cloud compliance across multicloud environments,…

Trend Micro Cloud One Workload Security (formerly Deep Security) is cloud security software suite, from Trend Micro, for hybrid cloud environments and virtualization security.

Prisma Cloud, from Palo Alto Networks (based on technology acquired with Evident.io, or the Evident Security Platform) is presented as a comprehensive Cloud Native Security Platform (CNSP) that delivers full lifecycle security and full stack protection for multi- and hybrid-cloud…

Aptible Deploy (formerly Aptible Enclave) is a container orchestration platform built for developers that automates security best practices and controls needed for deploying and scaling Dockerized apps in regulated industries. Aptible Deploy is ISO 27001-certified and can be used…

Threat Stack is a cloud security option from the company of the same name in Boston, Massachusetts, providing vulnerability assessments of cloud assets, container security, and other features.

NGINX Plus is presented as a cloud‑native, easy-to-use reverse proxy, load balancer, and API gateway, from F5.

Encryption and data protection specialist Thales eSecurity headquartered in San Jose offers CipherTrust Container Security (formery Vormetric), encrypting and securing access to containerized applications and data.

Designed for the cloud, in the cloud, BMC Helix Cloud Security (formerly TrueSight Cloud Security) is designed to take the pain out of security and compliance for cloud resources and containers. The product provides cloud security scoring and remediation for public cloud services…

IBM Cloud™ Data Shield enables users to run containerized applications in a secure enclave on an IBM Cloud Kubernetes host, providing data-in-use protection.

StackRox, headquartered in Mountain View, offers their containerized, cloud-app security platform for monitoring container access and privileges, and locating and eliminating potential vulnerabilities in containerized app infrastructure.

NGINX Ingress Controller is a traffic management solution for cloud‑native apps in Kubernetes and containerized environments.

DivvyCloud protects cloud and container environments from misconfigurations, policy violations, threats, and IAM challenges by using automation and real-time remediation to ensure continuous security and compliance. Rapid7 announced their intent to acquire DivvyCloud April 2020.

Jetstack Preflight helps users understand their Kubernetes environments by constantly scanning for mis-configurations that may be opening security holes, causing costly excess resource usage or making a cluster harder to maintain. Preflight checks the environment against policy rules,…

cert-manager is an open source software for machine identity automation in cloud native environments. It aims to make it easy for developers to secure applications in Kubernetes and OpenShift platforms, automating X.509 certificate issuance and renewal from a certificate provider…

Confluera, an XDR platform from the company of the same name in Palo Alto, tracks and intercepts cyberattacks along its lifecycle in real-time, stitching together live events based on cause and effect instead of correlating past events after the breach.

Capsule8 from Sophos (acquired 2021) provides attack protection for enterprise Linux -- whether containerized, virtualized, or bare metal. It is an EDR solution the vendor presents as performant and purpose built Linux detection that protects against threats, provides consistent…

Alcide is a Kubernetes security solution acquired by Rapid7 February, 2021. It enables DevOps teams to drive security guardrails to their CI/CD pipelines, and security teams to continuously secure and protect their growing Kubernetes deployments.

Cloud security company Qualys offers the Qualys Countainer Security (CS) application.

The Sonatype Nexus Platform is a software composition analysis tool that scans to build a repository components, and then checks security and licensing to ensure compliance. Sonatype acquired MuseDev in March 2021 to expand the capabilities of the Nexus platform. Current modules…

Sysdig headquartered in San Francisco offers the Sysdig Platform, providing end-to-end container vulnerability management, threat blocking, and container application security.

The Trend Micro Deep Security Smart Check for container security helps DevOps teams adopt frictionless security with immediate, continuous scanning for threats, vulnerabilities, and secrets, as well as provides dashboard visibility, notifications, and scanning logs for compliance…

Docker containers make it easy to develop, deploy, and deliver applications where containers can be deployed and brought down in a matter of seconds. This flexibility makes it very useful for DevOps to automate deployment of containers. Symantec Data Center Security: Server Advanced…

Aqua Security headquartered in Tel Aviv offers the Aqua Cloud Native Security Platform, providing full lifecycle security for server-less containerized applications.