DevOps Transformation | SUSE Communities


Speed your journey to DevOps. NeuVector covers the entire CI/CD pipeline with complete vulnerability management and attack blocking in production with our patented container firewall. Integrate security automation into all stages of the pipeline.


DevOps Agility. Total Security.

NeuVector is a cloud-native security container which deploys with standard devops tools as part of your agile, CI/CD, or traditional deployment process. Vulnerability scanning can be integrated in the build, ship and run phases. Use the NeuVector CRD to define ‘Policy As Code’ so at run-time there’s no need to understand complex network or security settings or worry about keeping them updated.

Download the guide: “10 Steps to Automate Container Security Into the CI/CD Pipeline”

  • Automate vulnerability and compliance scanning for the entire pipeline
  • Create ‘Policy as Code’ to declare and enforce security policies through custom resource definitions (CRDs)
  • Manage complex deployments with ConfigMaps, Helm charts, and multi-cluster management

Deploy on Greenfield and Brownfield Applications

NeuVector deploys easily on greenfield or brownfield (running) applications without service interruption. It doesn’t matter if application containers are already running in staging or production. Use standard devops tools to deploy the security container in minutes on each host. Then instantly discover application behavior, threats, and vulnerabilities, and integrate security into the pipeline.

  • Automate NeuVector deployment through Helm charts, ConfigMaps, or the REST API
  • Build and deploy ‘security policy as code’ to enforce application behavior in production

Scan Images and Host OS for Vulnerabilities

NeuVector delivers full lifecycle vulnerability management for scanning containers, orchestration platforms, and the host OS for vulnerabilities in dev, test, staging, and production. All containers running in production should receive a ‘live’ scan. But you can also choose how early in the deployment process you test containers for application vulnerabilities.

  • Scan images for vulnerabilities in the build stage with the NeuVector Jenkins plug-in
    and in registries
  • Auto-scan containers and hosts at run-time, and create auto-response rules such as
    alerting and quarantining
  • Audit security configurations with the Docker and Kubernetes CIS benchmark tests

Use the DevOps Tools of Choice

NeuVector is a true ‘cloud-native’ security solution. Deployment of NeuVector is super easy. Just use your favorite container devops tools to deploy the NeuVector container on hosts you wish to protect. You can set most orchestration tools to make sure NeuVector gets deployed on all hosts.

  • Supports deployment, management and orchestration tools and frameworks
  • Adapts automatically to network settings and overlay networks to secure containers
  • Integrates with cloud-native resources such as admission controls, OpenShift
    imagestreams, RBACs, custom resource definitions, configmaps and more

Glen Kosaka

Glen is head of product security at SUSE. Glen has more than 20 years of experience in enterprise security, marketing SaaS and infrastructure software. He has held executive management positions at NeuVector, Trend Micro, Provilla, Reactivity, Resonate, Quantum and Rignite.