Microsoft brings K8s Security Center out of preview, replaces CoreOS Container Linux with Flatcar

Azure security dashboard now covers Kubernetes service - at a price

Microsoft's integration of Azure Kubernetes Service (AKS) with Security Center is now out of preview. In addition, the company has added Flatcar Linux to the Azure marketplace to replace CoreOS Container Linux, which goes end of life in May.

Azure Security Center now extends to AKS

Azure Security Center now extends to AKS ... Click to enlarge

The Azure Security Center is a dashboard which inspects your various services and makes automated recommendations. It uses the concept of "Secure Score" in a similar manner to the Microsoft Secure Score in Office 365 and Microsoft 365, assigning points based on the policies and practices it detects. Security Center is free, but implementing some recommendations involves further cost, and there is also a paid-for upgrade to Security Center Standard.

Azure Security Center. Someone has work to do.

Azure Security Center at work. Someone has work to do.

The Security Center features a mix of preview and generally available features, something which customers of Microsoft's cloud will be well used to. One thing which is now out of preview is support for Azure Kubernetes Service (AKS) – though to use this you will need the Standard version.

Customers using this integration are promised monitoring of clusters and Docker configurations as well as detection of suspicious network or process events, both at the cluster level and on individual hosts. For example, if an SSH server (used for remote access) is running inside a container, this will generate a medium alert, on the grounds that while it may be intentional, it is also typical of a misconfigured or breached container. An example of a high alert would be detection of a container running cryptocurrency mining software.

What will it cost? A good question, since while Microsoft has removed the "Preview" designation from its documentation, the pricing page still says "Pricing displayed is preview price. Price will change at GA." For what it is worth, the current price is £0.001 per vCore per hour, for AKS integration with Security Center.

The snag with Security Center, pricing aside, is that, as with any automated service, it only knows its own rules, and may miss issues that are obvious to humans, or flag issues that upon investigation are not real problems. There is also an element of upsell in some recommendations.

Microsoft has also responded to the coming end of life of CoreOS Container Linux, popular for hosting containers. The company has added Flatcar Linux to the Azure Marketplace, Flatcar being a compatible fork of CoreOS. The company has also suggested that you migrate from CoreOS to Flatcar by running a script provided by Flatcar sponsor Kinvolk, which converts a host from CoreOS to Flatcar by changing the update server and forcing an update.

At times like this, you wonder whether the Azure folk may be looking with interest at what AWS is doing with Bottlerocket, a dedicated new Linux distro for hosting containers, managed by the cloud provider. ®

Similar topics

Other stories you might like

  • It's the flu season – FluBot, that is: Surge of info-stealing Android malware detected

    And a bunch of bank-account-raiding trojans also identified

    FluBot, a family of Android malware, is circulating again via SMS messaging, according to authorities in Finland.

    The Nordic country's National Cyber Security Center (NCSC-FI) lately warned that scam messages written in Finnish are being sent in the hope that recipients will click the included link to a website that requests permission to install an application that's malicious.

    "The messages are written in Finnish," the NCSC-FI explained. "They are written without Scandinavian letters (å, ä and ö) and include, for example, the characters +, /, &, % and @ in illogical places in the text to make it more difficult for telecommunications operators to filter the messages. The theme of the text may be that the recipient has received a voicemail message or a message from their mobile operator."

    Continue reading
  • AsmREPL: Wing your way through x86-64 assembly language

    Assemblers unite

    Ruby developer and internet japester Aaron Patterson has published a REPL for 64-bit x86 assembly language, enabling interactive coding in the lowest-level language of all.

    REPL stands for "read-evaluate-print loop", and REPLs were first seen in Lisp development environments such as Lisp Machines. They allow incremental development: programmers can write code on the fly, entering expressions or blocks of code, having them evaluated – executed – immediately, and the results printed out. This was viable because of the way Lisp blurred the lines between interpreted and compiled languages; these days, they're a standard feature of most scripting languages.

    Patterson has previously offered ground-breaking developer productivity enhancements such as an analogue terminal bell and performance-enhancing firmware for the Stack Overflow keyboard. This only has Ctrl, C, and V keys for extra-easy copy-pasting, but Patterson's firmware removes the tedious need to hold control.

    Continue reading
  • Microsoft adds Buy Now, Pay Later financing option to Edge – and everyone hates it

    There's always Use Another Browser

    As the festive season approaches, Microsoft has decided to add "Buy Now, Pay Later" financing options to its Edge browser in the US.

    The feature turned up in recent weeks, first in beta and canary before it was made available "by default" to all users of Microsoft Edge version 96.

    The Buy Now Pay Later (BNPL) option pops up at the browser level (rather than on checkout at an ecommerce site) and permits users to split any purchase between $35 and $1,000 made via Edge into four instalments spread over six weeks.

    Continue reading

Biting the hand that feeds IT © 1998–2021