
    Cado Introduces First-Ever Support to Perform Investigations in Distroless Containers

    Today we are so excited to announce the world's first solution to enable forensic investigations in distroless container environments. With this new capability, security teams can now use the Cado platform to seamlessly investigate the root cause, scope, and impact of malicious activity detected within distroless container environments to gain greater visibility into cloud risk.

    The Cado team is working diligently to remain on the cutting edge so that customers can take advantage of the latest and greatest cloud technologies without worrying about introducing additional risk. Because distroless containers offer unique benefits, they are quickly gaining popularity among organizations. However, while distroless containers offer some security benefits by minimizing the attack surface, they leave a huge security blind spot when something malicious does occur. Cado Security is addressing this pressing challenge.

    Cado now Supports Investigations in Distroless Container Environments, Eliminating Critical Blindspots for Security Teams

    Visit us at RSA 2024 to see the latest capabilities Cado has to offer at booth #4316 or schedule a demo with our team. 

    More details in the press release below: 

    Cado Security Introduces First-Ever Support to Perform Investigations in Distroless Container Environments

    Cado Security Platform now Supports Investigations in Distroless Container Environments, Eliminating Critical Blindspots and Delivering Unprecedented Visibility into Cloud Risk.   


    London – May 8, 2024 – Cado Security, provider of the first investigation and response automation platform, today announced the world's first solution to perform forensic investigations in distroless container environments. With Cado Security’s new offering, security teams can investigate the root cause, scope, and impact of malicious activity detected within distroless container environments to gain greater visibility into cloud risk.

    Distroless containers are designed for efficiency and security, stripped of standard OS components like shell utilities and package managers. While these containers offer some security benefits by minimizing the attack surface, they actually leave a huge security blindspot when something malicious does indeed occur. Until today, it was impossible to perform an investigation in these environments, resulting in a significant visibility gap.

    "The use of distroless containers is on the rise, promising agile deployment and increased security," said Chris Doman, CTO & Co-Founder at Cado Security. "However, their minimalist design introduces complexities when it comes to investigation and response. This is a pressing security challenge as millions of distroless containers are being used by companies worldwide. We are addressing this with the world's first and only solution to perform forensics investigations in these environments in order to provide much-needed visibility for security teams."

    Cado Security delivers a first-of-its-kind solution that addresses the unique challenges distroless containers introduce for security teams. Cado’s unique patent-pending approach collects data from distroless and private clusters without impacting the target container to enable immediate investigation. The collected data includes running processes, crucial log files, and forensic artifacts. Cado also uses its previously open-sourced "varc" toolset to collect memory from individual processes for forensic analysis. This evidence is then seamlessly presented in the Cado platform for unprecedented visibility into cloud risk. 

