Container Security Features

Read what people say are the most valuable features of the solutions they use.
PIERRE BOINNARD says in a Docker review
CEO and owner at m3production
Manage complex application architecture and installation procedure in simple text files. View full review »
DimaDorofeyev says in a Google Kubernetes Engine review
Senior DevOps/Build Engineer at a tech services company with 10,001+ employees
Kubernetes Engines is easy to deploy and manage. View full review »
Renato Ribeiro says in a Docker review
Senior IT Consultant
The most valuable features of this solution are scalability and agility. It is easy to manage and deploy. View full review »
Balamurali P says in a Google Kubernetes Engine review
Solution Architect at Tata Elxsi
The CLI commands are good. View full review »
PrincipCl677 says in an Aqua Security review
Senior Principal Consultant Cloud/DevOps/ML/Kubernetes at a tech services company with 11-50 employees
We find the Docker and Kubernetes support for container security most valuable. View full review »
Vinod-Gupta says in a Docker review
CEO and Founder at Indicrypt Systems
The most important thing that my clients focus on is rapid deployment. In this regard, Docker wins hands-down. View full review »
Rama Susarla says in a Docker review
Transformation Leader at TEKsystems (ex Aston Carter)
The main Docker feature is the repository where you can store images.T he image is available and you can read parts of those images. You can use it for your local development and QAs. That's the most basic Docker basic feature. Secondly, we like the footprint that Docker requires to construct an environment. The third most important aspect is maintenance. You won't have to rely on third-party support. If you have the full environment control, you will be able to maintain Docker containers on your own. Or you can just destroy them and construct a new container, i.e. add them when you want to, ephemeral and mutable objects. View full review »
Senior Security Specialist at a tech services company
The most valuable feature is the virtual patching. This offers protection of the application before it can be patched by the actual vendor. View full review »
Owner at SIS International HK Limited
Application Dependency Map. View full review »
reviewer1100100 says in a Docker review
User
The most valuables features are its ease of use and ease in setting up environments. View full review »
Rayees Tamton says in a Trend Micro Deep Security review
Data Center Manager/Support Delivery Manager at Salam Technology
The most valuable features are web security, email filtering, and content filtering. The user interface is very friendly, and it is easy to control things from the policy. View full review »
Vyacheslav Balvinskiy says in a Google Kubernetes Engine review
Head of Infra and Applications support department at a financial services firm with 201-500 employees
The most valuable feature is the horizontal staging of applications. Other important features include isolation of applications and more effective usage of infrastructure due to less consumption of resources by containers. View full review »
MangingDir45657 says in a Symantec Data Center Security review
Managing Director at a tech services company with 51-200 employees
The most valuable feature is that the protection of the hard disk security is built in, so it is a ready-to-use product. The monitoring in the management console allows us to find out what is going wrong, and it gets reports even before the user reports it. Having it in advance of the user is important because it takes time to comprehend. Once we know what is going on and who is doing it, we can act accordingly. We have created our own workflow mechanism as an outcome of this, and we can update the identity and provisioning if any modifications need to be done. View full review »
reviewer1087347 says in a Twistlock review
User
The most valuable feature is the automated forensics. View full review »
Skyler Cain says in a Threat Stack review
Software Development Manager at Rent Dynamics
The most valuable feature is the SecOps because they have our back and they help us with the reports. We jump on calls monthly to set goals and roadmaps internally for how we can secure our platform more. Their SecOps program is absolutely amazing when you do not have a dedicated resource for security. Currently, we have 57 servers with the Threat Stack agent. We have about 70 servers in total. When you get to that point and you're running microservices, there's no good way to have all that data coming in from all those servers and have a system. The Threat Stack agent is providing the data. But even if we have the data, I have no time or expertise to know exactly what to look for in a log and what should alert me. Whereas their SecOps program is experienced, they know what to look for, they can continually adjust and look at the accounts. They can understand our behavior and know that something that doesn't look good is okay or we're allowing it, and then they can filter back those notifications. It's like having an extension of your team. And then, it grows with you. If I were to hire somebody tomorrow, one security guy is not enough, but that person could directly work with the SecOps program and get up to speed, and then start taking over some of the manual toggles. And then eventually, in a year or however long, we could phase out the SecOps program. Or we could decide, no, we're not going to do that, we're just going to continue to leverage it and not built out an internal security team. The flexibility of it is just amazing. View full review »
Eric Cohen says in a Threat Stack review
Sr. Director Information and Security for PureCloud at Genesys Telecommunications Laboratories
The number-one feature is the monitoring of interactive sessions on our Linux machines. We run an immutable environment, so that nothing is allowed to be changed in production. All changes have to happen in development, and then new systems are built in production. The only thing that is allowed in production is troubleshooting, find out what the issue is, but then it has to be fixed in development. We're constantly monitoring to make sure that no one is violating that. Threat Stack is what allows us to do that. The solution's ability to consume alerts and data in third-party tools, via APIs or via export into S3 buckets, is working very well. We use the API to send monitoring to PagerDuty. And we've started using the API into other systems. We have it going out to a Slack channel, we've got some going into our automation. We're doing more and more with the alerting now. We're working directly with Threat Stack to use their APIs as they've recently been expanded. We're logging into S3 to do a little more in-depth research on what our alerts are, and we're also consuming CloudTrail events, which is a fairly recent update to Threat Stack, enabling us to alert on suspicious activity in CloudTrail. View full review »
Directoree59 says in a Threat Stack review
Director of Security at Eventbrite
We like the ability of the host security module to monitor the processes running on our servers to help us monitor activity. We want to make sure that there are no bad people on our machines. This has the ability to detect those bad people or bad processes on the machines. The rules are really great. They give us more visibility and control over what's being triggered. There's a large set of rules that come out-of-the-box. We can customize them and we can create our own rules based on the traffic patterns that we see. The rules did take quite a bit of customization and configuration right off the bat because a lot of the way that we do the release of our code and products creates a significant amount of noise. The real signal, the security signal, would have been lost in all that noise. So we had to customize the rules fairly significantly in order to filter out that noise. View full review »
Chris Murdock says in a Threat Stack review
Security Architect at a tech services company with 201-500 employees
We enjoy the AWS Config audit within Threat Stack. This allows us to quickly score our AWS accounts against known, good configurations, then receive a letter grade which is easy to understand, as well as suggestions for plans to improve those scores and remediate issues. View full review »
Kevin Johnson says in a Threat Stack review
Lead Security SRE at InVision
The endpoint security monitoring, the AWS security monitoring, ties all of these things together in a way that we can make sense of data that, before, wasn't available or tied. For example, if we have a security event on an EC2 instance, we can correlate that to a security event on AWS on the management platform. The threat detection pieces of it are our most valuable resource, and right behind them is configuration monitoring. Those are the two highest risks to our environment. In terms of using this solution for container and Kubernetes monitoring, that's a pretty new feature and it's definitely coming along. I think they're very good at it right now, and they keep adding features, so we're pretty happy with that at the moment. The tuning process is pretty straightforward. Their rule sets are easy to understand. The UI is set up in a way where it's really easy to modify false-positive alerting. It's one of the more low-stress tuning operations I've ever done, compared to other endpoint security products, or ITS-type engines. View full review »
Vincent Romney says in a Threat Stack review
Director of Information Security at Younique Products
It has been quite helpful to have the daily alerts coming to my email, as well as the Sev 1 Alerts. Anything that pops a Sev 1 comes directly to my email. Most recently we started getting those monthly evaluations and that's definitely helped us with our overall security stack, as far as how we're dealing with things in AWS. The dailies have been most helpful. We just went through a SOX audit and those were pivotal. We're using it on container to see when activity involving executables happens, and that's great. We're not using a Kubernetes at this stage. As far as alerts go, we can write our own rules. I continue to tweak rules, modify rules, etc. That's a big deal for us so that we're getting relevant information, but not miss other information. It is fairly easy to tune. The ability to fine-tune rules and write new rules is very straightforward. It doesn't take much learning at all. View full review »
user9776 says in a Tripwire IP360 review
Pre-Sales Specialist at a tech services company with 51-200 employees
The most valuable feature would be the command app to control feature. It's not hugely utilized. It can go a lot further. It can be used a lot more because it can drift over into spaces from telephoning, where you have certificate expiry and it's easy with a couple of scripts to control expiry or certificates for everything else for outages with a call center solution. There are multiple areas where the product can quickly adapt by using upper command control to immediately solve a lot of issues where you don't need to look at other products. View full review »
Matthew White says in a Trend Micro Deep Security review
Production DBA at a financial services firm with 51-200 employees
* IDS/IPS * Host-based firewall I am also currently looking into the newer integrations with our various other security tools. View full review »
Luis Henriquez says in a Trend Micro Deep Security review
Hewlett Packard Enterprise Solution Architect at a tech services company with 11-50 employees
* Security capabilities in a Smart Scan Agent. * It provides full protection against vulnerabilities. * It has the ability to assume and maintain several IT requirements. View full review »
ReviewerDJ59 says in a Docker review
Applications Lead at a comms service provider with 1,001-5,000 employees
The commissioning is very fast. View full review »
Jorge Gracia says in a Docker review
Cloud sales & support for rackspace with 11-50 employees
The most valuable aspect is the excellent support. In addition, the billing system is really easy to understand. View full review »
Sign Up with Email