
News & Views


A world first from Cado Security

Cado Security, an investigation and response automation platform, launches the world’s first solution to perform forensic investigations in distroless container environments, enabling security teams to gain greater visibility into cloud risk and investigate the root cause, scope, and impact of malicious activity.
 
“The use of distroless containers is on the rise, promising agile deployment and increased security.  However, their minimalist design introduces complexities when it comes to investigation and response.  This is a pressing security challenge as millions of distroless containers are being used by companies worldwide,” explains Chris Doman, Chief Technology Officer and Co-Founder, Cado Security.  “We are addressing this with the world’s first and only solution to perform forensics investigations in these environments in order to provide much-needed visibility for security teams.”

Distroless containers are designed for efficiency and security, stripped of standard OS components like shell utilities and package managers.  While these containers offer some security benefits by minimizing the attack surface, they leave a huge security blind spot when something malicious does indeed occur.  Until today, it was impossible to perform an investigation in these environments, resulting in a significant visibility gap.
 
Cado Security delivers a first-of-its-kind solution that addresses the unique challenges distroless containers introduce for security teams.  Cado’s unique patent-pending approach collects data from distroless and private clusters without impacting the target container to enable immediate investigation.  The collected data includes running processes, crucial log files, and forensic artifacts.  Cado also uses its previously open-sourced “varc” toolset to collect memory from individual processes for forensic analysis.  This evidence is then seamlessly presented in the Cado platform for unprecedented visibility into cloud risk.

