Palo Alto Networks focuses on container security


Palo Alto Networks is investing heavily to expand its portfolio, both by further developing its own products and by acquiring other companies. Container security has played a prominent role in this growth strategy for a number of years now. We spoke to Director Systems Engineering Northern Europe Mike Remmerswaal.

Initially, our meeting with Remmerswaal was meant to zoom in on the massive cloud adoption in recent months and the influence that cloud adoption has on companies’ network and security approach. Palo Alto Networks sees that organisations are embracing a diversity of cloud technologies. According to the company’s research, hybrid environments are now the norm: on average, 52 percent of workloads are hosted on public cloud servers, compared to 48 percent on private servers. More than nine out of ten companies now use more than one type of cloud platform.

However, the rate of adoption does not eliminate complexity and challenges. Along with technological complexity and compliance, security is one of the top three factors slowing cloud adoption. Palo Alto Networks also states that only 18 percent of organisations are well prepared for the security needs of the cloud.

Role of containers

From his position at Palo Alto Networks, Remmerswaal points in particular to how cybersecurity has changed as a result of the cloud. “From inline security, you go much more to cloud security,” Remmerswaal says. He points out that the old approach, in which security mechanisms are built into the network architecture to secure traffic, is no longer sufficient. Companies embrace all kinds of newer technologies, which means they have to think about security in a completely different way. Embracing the cloud is therefore best used to set in motion a reassessment of the security strategy.

One of the most interesting developments in this respect is the role of containers. After all, how companies develop applications has changed drastically. Applications are split up into microservices that integrate with one another and use only the resources they really need. In this case, containers are useful as a method of packaging the software. Thanks to containers, new services can be developed quickly, and applications are less dependent on the underlying platform. Remmerswaal says containers are ideal for developers.

According to Remmerswaal, this was particularly visible when companies responded en masse to the corona crisis. The choice for the cloud and containers was logical for many organisations, from large enterprise organisations to smaller companies. “Companies that were already talking about cloud adoption went right into it. And the companies that were considering the cloud are completely over it. Even companies that were not very open for the cloud are now making a move,” says Remmerswaal. Therefore, in practice, he sees mixed forms, with application development in particular often taking place in the cloud.


More risks

The popularity of the cloud and containers is logical because of these advantages, but it also leads to new security risks. The attack surface is only increasing because new applications, configurations and APIs are being used. In addition, security risks arise from old ways of working. Palo Alto Networks regularly encounters companies with too many security and management tools, with the result that not every solution is deployed properly. Palo Alto Networks also sees that teams and employees sometimes work too separately within organisations. A unified approach, in which development, security and infrastructure come together more, can be an improvement.

Investments to bring security to the next level

Palo Alto Networks has been aware of these developments for some time, Remmerswaal says, but what particularly stands out is how quickly containers are being adopted at the moment. Research & Development has therefore invested a lot in optimising its products for the cloud and containers. What does that mean for the firewalls that Palo Alto Networks is traditionally known for? “Our Next-Generation Firewalls are designed for the hybrid cloud, particularly in large companies. This gives you a breakout from the cloud as well, so you don’t have to go back to the data centre for a backhaul first”, explains Remmerswaal. It means that access to the cloud is faster than first sending traffic to your own data centre. This development work is aimed at, among other things, the CN series, the firewalls made for the container platform Kubernetes. This firewall is installed on the host and inspects traffic on the server and other traffic. This includes inspecting containers but also serverless platforms.

Palo Alto Networks is also expanding Prisma Cloud for additional container security. This is the security platform that companies can use to secure hybrid and multi-cloud deployments. Prisma Cloud offers various components for this purpose. We asked Remmerswaal to specify exactly what innovations have been brought to this platform to take container security further. Remmerswaal particularly praised the addition of the technologies of Twistlock and Bridgecrew. Both companies were acquired for hundreds of millions because of the role they can play in cloud security. Twistlock has been part of Palo Alto Networks for about two years and is now well integrated into Prisma Cloud. For example, you can download software to protect containers using Twistlock’s vulnerability management and runtime defense capabilities. Secondly, there is the technology of Bridgecrew, the company that has been part of Palo Alto Networks since February. Bridgecrew brings scanning functionality to Prisma Cloud, making it possible to scan for malware and open source vulnerabilities while developing new software. This way, the developer knows if good code is being used.

Strategy continues to develop

Remmerswaal makes it clear that the combination of innovations, whether from Palo Alto Networks itself or from acquisitions, jointly helps to strengthen security. He particularly praises the possibilities of Bridgecrew, because by scanning for vulnerabilities early on in the development process, quite a few risks are eliminated. We can expect more of this Infrastructure as Code (IaC) functionality and the total container approach from Palo Alto Networks in the future. After all, although steps have been taken to secure containers, Palo Alto Networks is also known for its urge to add new functionality.
