sb-nz logo
Story image

Prevasio unveils threat analysis sandbox for containers

13 Jul 2020

Prevasio today emerged from stealth with the launch of the industry’s first dynamic threat and vulnerability analysis system for Docker containers. Prevasio Analyzer allows enterprises to easily integrate, monitor, and guarantee the security posture of containerized services and applications, ensuring the readiness for production throughout their CI/CD release process. IT professionals are welcome to check for any security gaps in their container images at prevasio.com at no charge.

“Coming from a threat management background, we quickly realized that existing security solutions are relying only on static scans for containers. Some vendors misuse a 'dynamic scan' term. These solutions are not preventing any zero-day threats to modern cloud hosted applications,” says Prevasio CEO and cofounder Rony Moshkovich.

“Enterprises that embraced DevSecOps culture have long ago acknowledged the risks associated with Docker Containers. Until now, it was near impossible to make dynamic preventive assessment of a container before allowing it into the corporate infrastructure.”

“Prevasio's friendly SaaS self-service approach makes the prevention and CI/CD integration super easy without overburdening the end consumer’s IT and engineering teams with expensive deployments and saving on their resources to supervise uptime,” comments NTT Cybersecurity Australia national solution architect Vijay Chakravarthy.

“Released Group ventures is proud to back the first company capable of detecting stealth threats in Docker containers,” says early investor Released Group’s Nick Beaugeard.

How it works

Built as an elegant solution to a complex problem, Prevasio Analyzer provides a quick, easy and reliable way to dynamically analyse a Docker container image.

Prevasio Analyzer performs a smart detection of the tech stack and then attacks it with an automated full-scale penetration test that conforms to the cyber kill chain. The test consists of highly-tailored attacks that target the services running inside the analysed container with surgical precision. Prevasio carries out these operations in an isolated environment hosted outside the customer's infrastructure for a risk-free SaaS experience.

Prevasio Analyzer uses a proprietary Machine Learning (ML) classifier to distinguish malicious Linux executables within a container. The usage of ML allows Prevasio to detect zero day malware without using any signatures. As a result, Prevasio Analyzer is resistant to code modification techniques that are often employed by attackers to fly under the radar of signature-based detectors used by all existing container security vendors.

Prevasio lifts the bar by providing a visual graph of all system events that take place within a container. It understands the relationship between them, exposing events in such a way that the customers can effortlessly see and understand the risks. In one particular case, a visual of an unusually large number of geographically distributed hosts led the customer to a discovery of a hidden decentralized cryptocurrency mining application.

Users can sign up to Prevasio at no cost, receiving a free quota of 10 container image submissions. The generated reports are available online, in PDF, or JSON files. 

Prevasio accepts container image submissions in the form of Docker image files hosted in public or private Docker Hub, AWS, Azure, and GCP repositories. Enterprise pricing is based on deployment size. 

About Prevasio

Prevasio was founded in 2020 by a group of DevOps and threat research experts. The company aims to bridge the gap between DevSecOps and threat research, allowing IT professionals to look at containers from a vastly different perspective - through the eyes of attackers.

Link image
How to prioritise metrics as an e-commerce CTO
E-commerce technology leaders need to track, analyze, and act on large volumes of business and system performance data. Danny Miles, the CTO of Dollar Shave Club, shares a powerful framework for thinking about and prioritizing e-commerce metricsMore
Story image
Interview: Acronis co-founder on going all-in for DLP
Data-loss prevention (DLP) strategies are a cornerstone of wider cybersecurity ecosystems, especially to counter the risks of remote working. Acronis co-founder Stas Protassov explains its significance and why it acquired a DLP powerhouse.More
Story image
Why answering the question of orchestration vs automation will improve your security effectiveness
Organisations are looking to improve their security operations effectiveness, efficiency, and staff satisfaction, with security, orchestration, automation and response (SOAR) fast becoming a trending approach. More
Story image
Forescout and ServiceNow advance tech partnership to protect critical infrastructure
Forescout and ServiceNow have announced they are advancing their partnership for enhanced operational technology (OT) and industrial IoT capabilities, with an aim of helping organisations to protect critical infrastructure from cyber threats.More
Download image
Strengthen the weakest link in your security chain
Globalisation. Remote working. High-turnover workforces. These factors and more add up to make increasingly dynamic workforces - and without proper management, your business could fall behind.More
Story image
OkCupid website and app found to have significant security flaws
The popular online dating service has been found to have several vulnerabilities which, if exploited, could put the private data of users in danger of being stolen.More