VMware has unveiled container runtime security capabilities for its Carbon Black Cloud platform, which is used to secure endpoints and workloads. The Carbon Black Cloud platform was first published in late 2020, with the goal of providing visibility into on-premises and public cloud Kubernetes clusters in order to discover misconfigurations and other security issues. Its capabilities stem from VMware’s acquisition of the Kubernetes security firm Octarine two years ago. VMware added support for container image scanning and hardening to the platform early last year.

Runtime cluster image scanning, Kubernetes visibility mapping, workload anomaly detection, egress, and ingress security, and threat detection are among the recently released runtime security features for the Carbon Black Cloud.

VMware believes that when combined with existing compliance and hardening, the platform can assist security and DevOps teams in securing containers throughout the whole application lifecycle.

The current Carbon Black Cloud risk management tool scans all container images during the construction process to identify safety hazards before they are used in production. Additionally, a working time security service expands the image scanning feature in Kubernetes collections, whether locally or in the cloud.

It means that security teams and DevOps are no longer limited to images that go through continuous integration, a continuous delivery pipeline (CI / CD), but can scan images in real-time.