
Prevasio unveils threat analysis sandbox for containers

13 Jul 2020

Prevasio today emerged from stealth with the launch of the industry’s first dynamic threat and vulnerability analysis system for Docker containers. Prevasio Analyzer allows enterprises to easily integrate, monitor, and guarantee the security posture of containerized services and applications, ensuring the readiness for production throughout their CI/CD release process. IT professionals are welcome to check for any security gaps in their container images at no charge.

“Coming from a threat management background, we quickly realized that existing security solutions are relying only on static scans for containers. Some vendors misuse a 'dynamic scan' term. These solutions are not preventing any zero-day threats to modern cloud hosted applications,” says Prevasio CEO and cofounder Rony Moshkovich.

“Enterprises that embraced DevSecOps culture have long ago acknowledged the risks associated with Docker Containers. Until now, it was near impossible to make dynamic preventive assessment of a container before allowing it into the corporate infrastructure.”

“Prevasio's friendly SaaS self-service approach makes the prevention and CI/CD integration super easy without overburdening the end consumer’s IT and engineering teams with expensive deployments and saving on their resources to supervise uptime,” comments NTT Cybersecurity Australia national solution architect Vijay Chakravarthy.

“Released Group ventures is proud to back the first company capable of detecting stealth threats in Docker containers,” says early investor Released Group’s Nick Beaugeard.

How it works

Built as an elegant solution to a complex problem, Prevasio Analyzer provides a quick, easy and reliable way to dynamically analyse a Docker container image.

Prevasio Analyzer performs a smart detection of the tech stack and then attacks it with an automated full-scale penetration test that conforms to the cyber kill chain. The test consists of highly tailored attacks that target the services running inside the analysed container with surgical precision. Prevasio carries out these operations in an isolated environment hosted outside the customer's infrastructure for a risk-free SaaS experience.

Prevasio Analyzer uses a proprietary Machine Learning (ML) classifier to distinguish malicious Linux executables within a container. The use of ML allows Prevasio to detect zero-day malware without using any signatures. As a result, Prevasio Analyzer is resistant to code modification techniques that are often employed by attackers to fly under the radar of signature-based detectors used by all existing container security vendors.

Prevasio lifts the bar by providing a visual graph of all system events that take place within a container. It understands the relationship between them, exposing events in such a way that the customers can effortlessly see and understand the risks. In one particular case, a visual of an unusually large number of geographically distributed hosts led the customer to a discovery of a hidden decentralized cryptocurrency mining application.

Users can sign up to Prevasio at no cost, receiving a free quota of 10 container image submissions. The generated reports are available online, in PDF, or JSON files. 

Prevasio accepts container image submissions in the form of Docker image files hosted in public or private Docker Hub, AWS, Azure, and GCP repositories. Enterprise pricing is based on deployment size. 

About Prevasio

Prevasio was founded in 2020 by a group of DevOps and threat research experts. The company aims to bridge the gap between DevSecOps and threat research, allowing IT professionals to look at containers from a vastly different perspective - through the eyes of attackers.
