Cado Security has announced its revolutionary new capacity to conduct forensic investigations in distroless container environments. This new feature eradicates previous visibility gaps posed by such environments and offers enhanced insight into cloud risk.
Distroless containers, though beneficial for their efficiency and heightened security measures, notoriously conceal large blindspots for security procedures; their minimalist design lacks standard OS elements such as shell utilities and package managers. Until now, performing an investigation in these specific environments was unachievable, leaving a considerable vulnerability in security protocols.
Chris Doman, CTO & Co-Founder at Cado Security, notes the increasing usage of distroless containers. “Distroless containers promise agile deployment and increased security. However, their minimalist design introduces complexities when it comes to investigation and response. This rapidly emerging security challenge is pertinent as millions of distroless containers are being used by companies worldwide. We are addressing this with the world’s first and only solution to perform forensic investigations in these environments. Our offering provides much-needed visibility for security teams.”
Cado Security’s unique solution sets precedence in addressing the unusual challenges posed by distroless containers. Cado’s unmatched, patent-pending method collects data from distroless and private clusters without impacting the target container. This enables instant investigation and includes data gathering from running processes, essential log files and forensic artefacts. Cado also applies its formerly open-sourced “varc” toolset to collate memory from individual processes for forensic examination. Cado seamlessly integrates this collated data into its platform for extensive visibility into potential cloud risk.
This development comes as a major breakthrough for security professionals and businesses alike. They can now leverage this innovation to systematically and purposefully investigate security issues in distroless containers—a task that was previously thought impossible. This will enable an in-depth understanding of the root causes, scope, and impacts of malicious activities detected within these environments, thereby improving cloud security.
About Author
