Non-disruptive deception platform protects containers against cryptojacking and other malicious attacks
WALTHAM, Mass. – TrapX Security, the global leader in deception-based threat detection and response, today announced the launch of TrapX DeceptionGrid™ 7.2 featuring a new capability to protect containerized environments such as Kubernetes. TrapX DeceptionGrid secures container environments across on-premises and cloud infrastructures (AWS, Azure), independent of attack vectors. By detecting advanced cyber-attacks and providing visibility into attempts to exploit applications’ vulnerabilities and lateral movement between containers, DeceptionGrid 7.2 delivers comprehensive protection for enhanced incident response and active defense.
“Many believe that containers improve application isolation and are easy to patch, and that isolation is established by default to limit container access to required resources only,” said Steve Preston, TrapX CEO. “But experience has shown that this technology is vulnerable to malicious attacks. Container-specific security is critical to protecting applications and compute resources from cryptojacking and other threats, without getting in the way of development, integration and delivery practices.”
Cryptojacking can quickly drain an entire system’s resources and disrupt every application in the cluster, essentially putting physical or virtual machines under a denial of service (DoS) attack. In addition to draining resources, this attack method can also allow attackers to exfiltrate data from the applications running on the cluster.
TrapX DeceptionGrid detects cyber-attacks, like cryptojacking, and provides visibility into attempts to exploit applications’ vulnerabilities and lateral movement between containers. It creates a prepackaged deceptive Kubernetes pod with a trap container, which communicates with the TrapX Security Operations Console (TSOC) and runs emulations that fool attackers into interacting with them, imposing risk back onto the attacker by distracting, diverting, and detecting malicious activity.
Organizations can deploy as many TrapX deceptive pods as necessary to any node or create an entire deceptive node of deceptive pods for non-disruptive protection across a broad array of systems and devices.
New for DeceptionGrid 7.2
DeceptionGrid™ is powered by patented TrapX technology that delivers the power of deception without the overhead, in addition to breakthrough container security. The latest version includes:
Detection of the SolarWinds Sunburst backdoor
Enhanced detection of supply chain attacks like Kaseya
Detection of attempts to exploit the PrintNightmare vulnerability
“The threat landscape has permanently changed,” said Guy Waizel, TrapX COO. “Next-level attacks are invisible to legacy security technology, leaving systems and devices exposed and vulnerable. TrapX DeceptionGrid fills a vital gap in layered cybersecurity, providing protection for the expanded attack surface and the power of active defense.”
All the latest TrapX features, including DeceptionGrid for containers, is available for download as part of DeceptionGrid 7.2. To learn more, read the solution brief.
About TrapX Security
TrapX has created a new generation of Deception technology that provides real-time breach detection and prevention. Our proven solutions immerse real IT assets in a virtual minefield of traps that misinform and misdirect would-be attackers, alerting SOC teams to malicious activity with immediate, actionable intelligence. Our solutions enable our customers to rapidly isolate, fingerprint and disable new Zero-Day attacks and APTs in real-time. TrapX Security has thousands of government and Global 2000 users around the world, servicing customers in manufacturing, defense, healthcare, finance, energy, consumer products and other key industries. For more information, visit www.trapx.com.
SOURCE TrapX Security Inc