SUSE Security (formerly NeuVector)

Full Lifecycle Container Security

SUSE Security is the only fully open source, Zero Trust container security platform. SUSE Security offers enhanced runtime security, advanced threat detection, and expanded compliance features.. Continuously scan throughout the container lifecycle. Remove security roadblocks. Bake in security policies at the start to maximize developer agility.

Why SUSE Security?

Enterprise-grade container security

Safeguard your cloud native applications from build to deployment with vulnerability scans, image assurance, advanced runtime security, and network segmentation.

Zero trust protection

Ensure your environment’s integrity with strict policies that protect assets, control access, and implement continuous verification. SUSE Security offers deep integration with Kubernetes security policies, ensuring tighter control and compliance across all deployments.

Straightforward compliance

Achieve regulatory compliance and governance with built-in audits and reporting, including enhanced reporting capabilities for PCI DSS, HIPAA, and GDPR. Simplify incident investigations with real-time visibility across detailed logs and reports.

Easily secure DevOps

Seamlessly incorporate robust security into existing DevOps workflows with automated security policies and CI/CD pipeline integration. SUSE Security streamlines this process with improved automation features and extended CI/CD integration, ensuring that security is consistently applied across all stages of development.

SUSE Security Prime’s Top Features

Kubernetes-native, Fully Open Source, and Built on Zero Trust Security principles

Profile Risk with Vulnerability Management

• Scanning and admission control during build, test, and deployment.
• Scans containers, hosts, and orchestration platforms during run-time.
• Audits host and container security with Docker Bench and Kubernetes CIS Benchmark for security tests.
• Risk Scores and Compliance Reports.

Protect Data in Production

• Protect containers against attacks from internal and external networks.
• Real-time identification and blocking of network, packet, zero-day, and application attacks like DDoS and DNS.
• AI-driven anomaly detection provides even greater accuracy in identifying and mitigating threats. Identify and block at Layer 7 between container and pod pairs

Automated Prevention and Policy

• DevOps teams deploy new apps with integrated security policies to ensure they are secured throughout the CI/CD pipeline and into production.
• Discover application behavior and services to isolate them from attacks.
• Simplified policy management with an enhanced user interface and new policy templates, making it easier to enforce security best practices. Streamline communication between security and development.

Integrations and Platforms

• Runs on all major cloud platforms including AWS, Azure, and Google Cloud Platform.
• Integrates with all leading CMPs including Rancher, RedHat OpenShift, and more.
• Supports SYSLOG and webhooks for notifications into alerting systems.
• LDAP integration and single sign-on with SAML support.