Trend Micro

Automates Secure DevOps with Deep Security Smart Check

Overview

Since the company’s establishment, Trend Micro has aimed to make a world safe for exchanging digital information by providing many innovative security solutions. As a result, it has engaged in initiatives, including the deployment of many of the latest technologies within the company’s own IT environment. The knowledge accumulated through being the first to apply Trend Micro security solutions has become a key component in proposals for new customers.

Trend Micro has been operating Deep Security™ Smart Check solution since its original inception, working closely with their research and development (R&D) teams to solve product issues and provide feature enhancements. From a technology and security perspective, Trend Micro Container Specialist, Andrea Wang, along with the Global Technology and InfoSec teams, must manage a significant number of container images. They assure the security and integrity of all container images—in order to support over 6,000 employees, with infrastructure spread across three continents in numerous different data centers—by using Trend Micro Deep Security Smart Check.

Challenges

Managing an environment of this scale is complex and holds many challenges. For example, if malware or vulnerabilities exist in the image, they become a risk to the environment when the image is run. “It was essential for Trend Micro to enhance the security and administration of container images and automate many repetitive and time consuming tasks via Deep Security Smart Check”, says Andrea Wang, Trend Micro Container Technology Specialist.

Deep Security Smart Check integrates seamlessly into the existing environment and streamlines all aspects of scanning and validating container images, enabling the seamless automation of security in the DevOps pipeline. Deep Security Smart Check provides a single pane of glass for management of all container images. This provides a summarized view of the entire infrastructure through an easy-to-use dashboard to quickly drill down into any individual images if vulnerabilities or malware threats are identified, also providing instant feedback to developers and application owners via Slack messaging service.

Solution

Deep Security Smart Check performs pre-runtime scans of Docker images to detect OS vulnerabilities and malware, enabling you to fix issues before they reach the orchestration environment (for example, Kubernetes).

In addition, Deep Security Smart Check receives up-to-date threat data from private Trend Micro endpoints. Smart Check obtains malware information from the Trend Micro Smart Protection Network ™ and, for Windows images, detects threats using Trend Micro XGen™ machine learning algorithms. Deep Security Smart Check will find vulnerabilities in these Linux® distributions:

  • Red Hat® Enterprise Linux
  • CentOS™
  • Oracle® Linux
  • Ubuntu™
  • Debian®
  • Alpine™
Trend Micro capabilities

Smart Check Dashboard and Scan Results

"It was essential for Trend Micro to enhance the security and administration of container images and automate many repetitive and time consuming tasks via Deep Security Smart Check."

Andrea Wang
Trend Micro Container Technology Specialist

Results

Trend Micro uses Jenkins® for CI/CD to automatically build, test, and then push secure Docker images to corporate registries. Once pushed, the image may be instantly available to run securely in an orchestration environment. Since images are intended to be immutable, the right time to scan the image is when it is first pushed to the registry. This enables Trend Micro to bake in security from the very start of the development pipeline, promoting secure coding and automating secure DevOps.

The Smart Check API includes a webhook facility that allows CI/CD components to register and receive notifications of scan events, including the ‘scan-completed’ notification that allows Trend Micro to automate workflows. For example, webhooks are used to call a receiver service that forwards scan results to Slack channels, keeping teams informed of any vulnerabilities or malware that needs to be addressed.

What's Next

Once additional features become available, they are released and enabled to leverage the most optimal security features available in Deep Security Smart Check. Real-Life operational scenarios from the Trend Micro team are fed back to R&D to provide additional SecOps automation with enhanced integration to Deep Security. This helps automatically secure workloads operating on images that Deep Security Smart Check has detected as vulnerable.