Less than three months after acquiring NeuVector, Suse has released the code for the container runtime security platform on GitHub under an Apache 2.0 licence.
Container runtime security is a new concept in which developers aspire to continuously safeguard their ephemeral cloud-native workloads, from hardening a Kubernetes cluster to screening for unexpected behaviours within containers after they go into production.
With well-funded startups like Deepfence, Sysdig, and Aqua Security battling it out with established players chasing this market, such as Palo Alto Networks with TwistLock, Red Hat with StackRox, and now Suse with NeuVector, there has been something of an industry land grab.
Continuous vulnerability scanning throughout the container lifetime, end-to-end runtime security, deep network visibility across pods, and container segmentation for enhanced compliance are just a few of NeuVector’s features.
Any CNCF-certified Kubernetes cluster can now use NeuVector container images. It will also be provided through Suse’s own managed container platform, Rancher, where it will be accessible via the application catalogue.
“We strongly believe this move will help drive significant ecosystem innovation in Kubernetes security – an industry that has traditionally been dominated by closed-source, proprietary solutions,” Rancher cofounder and now president of engineering and innovation at Suse, Sheng Liang, wrote in a blog post.
“The work to fully open source a formerly proprietary technology is a testament to Suse’s open-source culture and our commitment to deliver open, interoperable, and innovative solutions to our partners and customers,” Liang wrote.