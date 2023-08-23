Containerized applications bring many benefits \u2014 they are a fast way to deploy software across multiple computing environments. But securing containers is a challenge, since their unique attributes, particularly their ephemeral nature, means that they have been treated differently by security professionals in comparison to other endpoints.\n\nPenetration testing and offensive assessment, for example, are rarely performed on containerized systems, notes Spencer Thompson, co-founder and CEO of Prelude Security. That\u2019s a problem, since containers are still internet-facing devices and can have the same vulnerabilities.\n\nPrelude Security\u2019s latest enhancement to its Probes product offering is designed to help CISOs by letting users run continuous security tests on production endpoints \u2014 whether they\u2019re running Linux, macOS, Windows, or are containerized.\n\nGranular vulnerability testing for containers\n\nThe company\u2019s Probes \u2014 which are tiny processes, between 1KB and 2KB in size \u2014 will now function properly in containerized environments, enabling far more accurate and granular vulnerability testing than was previously possible, according to a company announcement Wednesday. Each probe can actively test for known CVEs and report back to a central web console.\n\nProbes are dormant most of the time, according to Thompson, and don\u2019t require root permissions to function. They can be installed using scripts or via a Docker extension.\n\nThe use of even a small-process agent lets Prelude identify not only potential vulnerabilities, but also decide whether or not those vulnerabilities are exploitable, as Probes will attempt to exploit any that it finds in a non-invasive way.\n\n\u201cYou\u2019ll see lots of organizations that will have, say, thousands of devices and potentially millions of vulnerabilities,\u201d Thompson said. \u201cNow you have all the steps underneath that are basically creating a priority set to say, there\u2019s not a million theoretical vulnerabilities, there\u2019s 12 containers that you need to pay attention to because they\u2019re in an unprotected state right now.\u201d\n\nThe new Probes allows users to deploy them whenever a new container is deployed.\n\n\u201cThe probe can be ephemeral or persistent,\u201d he said. \u201cSo you can use it if you have containers that you\u2019re basically using as persistent VMs, and you can run it where you\u2019re tearing [a container] down 50 times a day.\u201d\n\nPrelude was founded in 2020, and it\u2019s backed by several venture capital firms, as well as investments from Crowdstrike. Those investments have also prompted a partnership between the two companies, aimed at bringing Prelude\u2019s technology to Crowdstrike\u2019s Falcon platform.\n\nPrelude\u2019s Probes are free to use on up to 25 endpoints at a time, and are available on a price-per-host basis beyond that, with a token system set up to help address the fluid nature of containerized systems. They\u2019re available now.