Provides Full Suite of Container Analyzers to Secure DevOps/GitOps Inside Your Preferred CI/CD Tool

Houston, TX, May 06, 2021 — Carbonetes delivers all of the security tools developers need to analyze the security of their containers in a single unified service. Backed by a unified policy engine and remediation recommendations, Carbonetes accelerates development, while ensuring policy compliance.
Centralized software development is a thing of the past. Kubernetes and containers have enabled microservices that evolve independent of each other at high velocity. Offshoring, Covid-19, and remote collaboration tools have accelerated this trend. Security has not kept pace with these trends. Distributed and independent development cycles have made security compliance a nightmare.
Until now, assembling a complete container security solution meant acquiring, learning, and maintaining a disparate collection of independent security tools. Some security vendors have responded with a conglomeration of tools that remind users of Frankenstein, with an odd assemblage of incongruous parts that are sure to scare the villagers. Carbonetes solves these challenges with a single unified service that addresses all your shift-left container security needs.
Carbonetes wins the hearts and minds of developers by helping them identify and resolve all container security issues faster. Instead of the traditional trade-off between code security and development efficiency, Carbonetes delivers both. “Carbonetes provides one-click analysis of all aspects of your containerized code, then evaluates those results against your security policy,” said Mike Hogan, Founder & CEO of Carbonetes, “you no longer have to piece together expensive on-premise security applications and multiple policies; Carbonetes does it all.”

Carbonetes Container Analyzers:

• Infrastructure as Code (IaC): Evaluate your IaC for best practices and minimize your attack surface.
• Software Composition Analyzer: Analyzes open-source tools for dependencies and vulnerabilities.
• License Analyzer: Creates a list of licenses associated with each open-source tool in the container.
• Configuration Analyzer: Identifies risks in container configuration, such as privilege, root access, scaling constraints, memory utilization, and more.
• Secrets Analyzer: Identifies sensitive data in the container that could be compromised, such as passwords, AWS keys, credentials, and more.
• Multi-Engine Vulnerability Analyzer: Provides best of class vulnerability analysis with threat levels, CVE details, and the location in code along with suggested fixes.
• Bill of Materials Analyzer: Analyze all of the layers and artifacts of your containers looking for outdated and insecure applications and libraries.

While developers love a single integrated security solution, they really don’t want to learn yet another tool, even one as elegant and efficient as Carbonetes. The company addresses this demand by delivering the full developer experience inside leading CI/CD tools such as Jenkins, TeamCity, CloudBees, Azure Pipelines, Drone, CircleCI, Bitbucket Pipelines, and GitLab Pipelines. Carbonetes also appeals to security professionals with a full-spectrum policy engine designed for distributed compliance. Security teams can define, test, tune, and enforce their security policies, or industry standard policies like CIS and NIST, uniformly across all the above analyzers. Carbonetes fits squarely in the realm of developer-centric shift-left container security. However, we are not oblivious to the industry trend of blending developer security and run-time security. Whether you practice GitOps, DevOps, or DevSecOps, there is a recognition that run-time and build-time fit together like chocolate and peanut butter. While IaC is one area of integration, shift-left tools gain considerable insight from run-time usage patterns when prioritizing threat levels. Run-time tools also benefit from continuous scanning to protect against stale images, outdated policies, and new vulnerabilities. The company is already addressing this challenge with run-time integrations like its plug-in for Mirantis Lens. By combining Lens and Carbonetes, your operations team gains visibility into the security of their containers in production, ensuring end-to-end security.
"We built Lens as a Kubernetes IDE - the one place that developers and platform engineers can access everything they need to be successful building and running cloud-native applications. With this new addition to our rapidly growing library of extensions, Lens puts the power of Carbonetes at the fingertips of developers and platform engineers, at the exact moment they need it and without interrupting their workflow," said Miska Kaipiainen, Senior Director of Engineering, Mirantis. By now, you are surely asking yourself: “This sounds amazing, how can I start using Carbonetes right now?” Carbonetes is available through AWS Marketplace and it offers a 30-day free trial. After the free trial, the service costs $40 per developer on the monthly plan and $32 on the annual plan.

Carbonetes delivers answers to some of the most concerning questions:

• Is my Infrastructure as Code (IaC) exposing an unnecessary attack surface?
• Am I using outdated and insecure libraries and apps?
• Do I have vulnerabilities in my code that hackers can exploit?
• Are my containers exposing secrets like passwords and AWS keys?
• Am I subject to open-source licenses that could jeopardize the company’s intellectual property?
• Do I have newly discovered vulnerabilities in my Kubernetes cluster?
• What code, libraries and artifacts are in my images, and are they outdated?
• Are my containers compliant with my company’s current security policy?

They say that a person is judged on the company they keep. Carbonetes’ advisory board is stacked with security industry visionaries including, Mike Viscuso (VC, Founder & former CTO of Carbon Black), Tom Barsi (VP Business Development Palo Alto Networks), Anthony Bettini (CTO White Hat Security, Tech Editor of Hacking Exposed), Jeremy Carlson (OEM Sales Kaspersky), and Brendan Hogan (Strategy & Business Development VMWare).

About Carbonetes:

Carbonetes was founded to solve the shift-left security challenges in a microservices world. If you want faster development, distributed security compliance, and the development and security teams to not only be on speaking terms, but to be friends, then Carbonetes is for you. Try it for free at https://aws.amazon.com/marketplace/pp/B08C6P4PFZ.

Mirantis Lens’ 1 million plus Kubernetes developers can now build secure code and ship it faster.

Houston, TX, November 12, 2020 - Carbonetes, a cloud native container security leader, announced a partnership and an extension for Lens - the Kubernetes IDE - that provides security insight and continuous scanning of pods in your Kubernetes clusters. Lens is the world's most popular Kubernetes IDE with more than 1 million downloads. The Lens Extension API and Extensions, made in collaboration with many popular CNCF projects, opens up the world to Kubernetes developers simplifying, creating, shipping, and running cloud-native applications. Carbonetes provides a developer-centric SaaS solution for analyzing your containers, comparing the results against your company policy and then automating the fix process. The typical trade-off between developer efficiency and security is no longer a trade-off, Carbonetes delivers both without compromise. Mirantis partnered with Carbonetes which delivers the most comprehensive shift-left container security by analyzing your container images for open source dependencies, code vulnerabilities, secrets, malware, and open source license risk. All of this can be integrated into your CI/CD pipeline for seamless automation without changing your current workflows. Using Lens Extensions, users can add custom visualizations and functionality to support their preferred cloud native technologies and to accelerate their development workflows. The extensions API will provide a wide array of options for extension authors to plug directly into the Lens IDE. “Lens’ is a powerful and popular tool that enables developers to ship code faster into Kubernetes clusters,” said Mike Hogan, CEO of Carbonetes. “Carbonetes complements this by enabling developers to build secure code faster. Together they deliver the agility and efficiency businesses need to innovate rapidly and safely.

Carbonetes’ Lens plug-in exposes security and policy history about the pods running in your Kubernetes clusters helping you identify and resolve security threats like stale images, configuration drift, exposure to new vulnerabilities, outdated policy, and more. Carbonetes’ goal is to seamlessly integrate security into existing workflows. Our plug-ins for popular CI/CD tools provide developers with a seamless integration for developers. Now the Lens plug-in seamlessly integrates security insight into Kubernetes operations as well.
“Extensions API will unlock collaboration with technology vendors and transforms Lens into a fully featured cloud native development IDE that we can extend and enhance without limits,” said Miska Kaipiainen, senior director of Engineering, Mirantis, and co-founder of Kontena, the company that initially developed Lens. “If you are a vendor, Lens will provide the best channel to reach tens of thousands of active Kubernetes developers and gain distribution to your technology in a way that did not exist before. At the same time, the users of Lens may enjoy quality features, technologies and integrations easier than ever.”

Download Lens from the project website https://k8slens.dev

About Mirantis

Mirantis helps organizations ship code faster on public and private clouds. The company provides a public cloud experience on any infrastructure from the data center to the edge. With Lens and Mirantis Container Cloud, Mirantis empowers a new breed of Kubernetes developers by removing infrastructure and operations complexity and providing one cohesive cloud experience for complete app and devops portability, a single pane of glass, and automated full-stack lifecycle management with continuous updates.

Mirantis serves many of the world’s leading enterprises, including Adobe, DocuSign, Liberty Mutual, Nationwide Insurance, PayPal, Reliance Jio, Splunk, and STC. Learn more at www.mirantis.com.

About Carbonetes

Carbonetes enables software developers to code faster, while making their containerized code more secure. Carbonetes scans your open source components and containers to find and recommend fixes. Carbonetes analysis is unparalleled, checking for vulnerabilities, open source dependencies, license issues, secrets, bill of materials, and malware. The three-step process - analyze, evaluate against policy, and recommend fixes - is automated and seamless, making development faster and more secure. Plug-ins for leading CI/CD tools mean your pipelines and workflows remain the same. Try Carbonetes for free.

Cloud Native CAST Start-Up Launches with Industry Veteran Advisors from VMware/Carbon Black, Kaspersky and White Hat Security

Houston, TX, July 22, 2020 - Carbonetes, the industry’s first comprehensive, cloud native container application security testing (CAST)-as-a-Service solution, emerged today from stealth to offer enterprises the seamless ability to analyze the security of containerized code in real-time. Founded in early 2019 by CEO Mike Hogan--serial entrepreneur with multiple exits and an IPO from companies such as DeepData, Novell, POET and ScaleDB--Carbonetes was created in response to the observation that the container security market lacked a comprehensive, scalable solution that can keep up with accelerating velocity of container development. Coming from a developer background and focus, Mike and team, frustrated with piecing together several on-premise applications to properly secure their containers, recognized the need for a cloud service that combined all of these capabilities, while delivering lightning fast performance. “The existing container security solutions require assembly of disparate expensive tools to analyze your containers across a spectrum of threats. With Carbonetes, your containers are analyzed for all threats. Your open source tools are analyzed for dependencies, vulnerabilities and licensing, while your native code is analyzed for vulnerabilities, secrets, configuration issues, and malware. This service runs inside a Kubernetes cluster, providing unrivaled scalability and performance,” said Mike Hogan, Founder & CEO of Carbonetes. “Given the ephemeral nature of containers that are repaired or replaced at high-velocity, Carbonetes is the only solution that offers customers the speed and range of coverage needed for container application security testing success.” Carbonetes provides the most comprehensive container analysis service, simultaneously analyzing all aspects of the container’s contents: open source (SCA: vulnerabilities, licensing, and dependencies), native code (vulnerabilities and secrets), as well as configuration and malware. By leveraging Kubernetes’ automated scaling, the analysis runs in parallel for industry-leading performance.

Carbonetes CAST Solution

• Software Composition Analyzer: Analyzes open source tools for dependencies and vulnerabilities.
• License Analyzer: Creates a list of licenses associated with each open source tool in the container.
• Configuration Analyzer: Identifies risks in container configuration, such as privilege, root access, scaling constraints, memory utilization, and more.
• Secrets Analyzer: Identifies sensitive data in the container that could be compromised, such as passwords, AWS keys, credentials, and more.
• Multi-Engine Vulnerability Analyzer: Provides best of class vulnerability analysis with threat levels, CVE details, and the location in your code along with suggested fixes.
• Malware Analyzer: Protection from trojans, viruses, and malware in your containers.

Unlike existing code analysis tools that analyze each container sequentially, Carbonetes leverages the power of Kubernetes to process all containers simultaneously. For example, if you are analyzing 100 containers, Carbonetes creates 100 pods that all work in parallel, providing results in 1% of the time it would take competing tools. Carbonetes provides a rich set of tools for creating, editing, testing and managing security policies. Analysis results are evaluated against policies to determine the appropriate action. Developers are then provided with the details necessary to secure their containers. This is all automated through seamless integration with your CI/CD pipeline.

The company’s advisory board is stacked with industry experts including, Mike Viscuso (VC and founder former CTO of Carbon Black), Anthony Bettini (CTO White Hat Security, Tech Editor of Hacking Exposed), Jeremy Carlson (OEM Sales Kaspersky), Brendan Hogan (Strategy & Business Development VMWare) and Tom Barsi (VP Corporate Development VMWare Carbon Black).

About Carbonetes

Carbonetes was founded in order to deliver a comprehensive container security analysis tool as a lightning-fast cloud service. Carbonetes is the industry’s first comprehensive cloud native container application security testing (CAST)-as-a-Service solution. Outfitted with six different analyzers, Carbonetes assesses software composition, licenses, configuration, secrets, malware, and vulnerabilities all in parallel at the speed and scale developers crave.

Media Contact:
Danielle Ostrovsky
Hi-Touch PR
410-302-9459
Ostrovsky@Hi-TouchPR.com