The de facto leader when it comes to vulnerability management is Nessus from Tenable Network Security. The de facto leader when it comes to container ecosystems is Docker. Now you can combine the two because Nessus 6.6 allows you to monitor and protect Docker containers and the container environment.
Containers are great and provide organizations with the platform and tools necessary to develop and deploy applications more efficiently than traditional software applications or virtual machines. Containers also have the potential to exponentially increase your exposure to vulnerabilities and risk. Tenable Network Security just released a new version of Nessus that can help you monitor and manage vulnerabilities in your Docker environment.
Security has been a growing concern when it comes to Docker—and containers in general—for the past year or so. There have been a variety of alternate container platforms introduced that are designed to be more secure, and Docker itself has taken steps to make its own containers more secure.
Despite the progress being made, container security is still an issue. One primary concern is that the container ecosystem tends to be volatile—so it’s a challenge just to keep up with the containers that are active in your environment at any given time. Beyond that, you still need to be able to identify and remediate vulnerabilities in the containers that might expose your network or data to risk.
Nessus is the de facto leader when it comes to vulnerability management. It has been around for nearly 20 years and is perennially ranked in the top 5 of the SecTools.org list of top network security tools. The latest release—Nessus 6.6—adds Docker auditing to the mix so you can effectively monitor and protect your Docker container ecosystem. A Tenable blog post explains, “Users need to take additional steps to lock down the kernel, reduce the attack surface of the docker daemon and harden the container configuration to have a truly secure setup.”
Nessus 6.6 includes a Docker Service Detection plugin that can detect Docker installs and enumerate all of the active containers on a given Docker host. Tenable also notes that the containers share the kernel with the host OS, which means that any kernel-level vulnerabilities are magnified across all of the containers. According to Tenable, a credentialed patch audit of the Docker host can help identify existing vulnerabilities so you can properly address them.
In addition, Nessus 6.6 includes support for the Docker benchmark from the Center for Internet Security (CIS). Nessus can audit your Docker environment against the CIS benchmark to identify areas where your Docker security falls short.
Finally, Nessus 6.6 can also audit the configuration of the Docker containers themselves. The Tenable blog explains, “Just select an audit and run a scan against the Docker host, and Nessus will automatically identify applicable containers and audit the configuration of those containers.”
Read the full post at ContainerJournal: Monitor and Protect Docker Containers with Nessus 6.6.