SentinelOne has released a new automated application control engine that is designed to secure cloud and containerized workloads without human intervention.
The automated engine eliminates the need to manually maintain allow-lists, which preserves cloud and container workload’s immutable states while also defending against malware, cryptojacking, and zero-day threats.
“It is critical to defend cloud and container workloads, but any solution that impacts the flexibility, speed, and agility of development defeats the whole purpose of going cloud. SentinelOne distinctly understands the need to secure the cloud without interference, and we are happy to deliver a cloud security solution that furthers our customers’ IT and business objectives,” said said Guy Gertner, the vice president of product management at SentinelOne.
The solution offers a default deny mode for containers to prevent unauthorized changes to production workloads. Also to eliminate complexity, the engine requires no special configurations.
It was designed to protect container workloads from the get-go, whether they run as Kubernetes pods or as plain containers in Docker servers, according to the company.
When the Application Control Engine detects a process that impairs the immutable state of a containerized workload, it immediately reports that process as a threat, mitigates it by killing the process, and moves relevant files into quarantine.
“The Application Control Engine is the answer to the security needs of containerized cloud workloads. It helps secure runtime from known and unknown threats with a simple click of a button, and it does so without any ML training period or unwelcome delays to production release,” the company stated.
The Application Control Engine is available in Kubernetes and Linux 4.4 workload agents. More information is available here.