A Look at Upcoming Innovations in Electric and Autonomous Vehicles Kaspersky Expands Container Security Platform to Close DevSecOps Compliance Gaps

Kaspersky Expands Container Security Platform to Close DevSecOps Compliance Gaps

Containerisation now underpins the software infrastructure of the vast majority of modern enterprises, but the speed advantages that made the technology so attractive have also introduced a complex new attack surface that many security tools were not built to address. Following its participation in the ITWeb Security Summit, where container security featured prominently on the agenda, Kaspersky has released a substantial update to its Kaspersky Container Security (KCS) platform, adding capabilities around custom policy enforcement, configuration portability, control plane auditing and supply chain threat detection.

Why Container Security Has Become a Distinct Discipline

The shift toward containerised environments - where applications run in isolated, portable units managed by orchestration platforms such as Kubernetes - has fundamentally changed how software is built, tested and deployed. Corporate adoption of containerisation has reached near-universal levels among technology-oriented organisations, driven by measurable gains in developer productivity and infrastructure efficiency. But the same architectural characteristics that make containers agile also make them difficult to secure through conventional means.

Container environments are inherently dynamic. Workloads spin up and down rapidly, configurations change frequently, and the boundary between development and production has become increasingly porous. Traditional perimeter security tools, designed for stable, long-lived infrastructure, struggle to keep pace. What has emerged in response is a dedicated category of security tooling built specifically for containerised lifecycles - one that must operate at every stage, from code commit to running production workload.

Supply chain vulnerabilities have added another layer of urgency. High-profile incidents in recent years demonstrated that attackers can compromise software not by breaching production systems directly, but by infiltrating the automated pipelines that build and deliver code. CI/CD workflows, including those built on platforms such as GitHub Actions, are now recognised as a meaningful vector for injecting malicious code into legitimate software builds - often through misconfiguration rather than direct intrusion.

What the New Release Adds

The updated KCS platform addresses several specific pain points that security and DevOps teams have identified as obstacles to maintaining security without slowing development cycles.

Custom policy creation is among the most practically significant additions. Many organisations operate under internal compliance frameworks, industry-specific regulations or regional data protection requirements that do not map neatly onto vendor defaults. KCS now allows teams to define their own benchmarks for image assurance, dynamic admission control and security configuration checks, and to apply these alongside - rather than instead of - built-in defaults. This matters because security teams frequently face a choice between adopting a tool's opinionated defaults and spending significant time customising a solution; the new capability reduces that trade-off.

Configuration portability through import and export addresses a real operational burden in large enterprises. When a parent organisation needs to replicate security policies across subsidiaries with independent IT infrastructure, manually recreating configurations is time-consuming and error-prone. The new export functionality allows complete system configuration - policies, agent groups, profiles and associated settings - to be packaged and transferred, either in encrypted form or in an open format that allows editing before import. This is particularly relevant for regulated industries where consistency of security controls across business units is itself a compliance requirement.

On the detection side, the update extends security agent support to master nodes within Kubernetes clusters, enabling auditing of the control plane - the orchestration layer that governs the entire cluster. Vulnerable configurations or signs of compromise at this layer represent some of the most consequential risks in a container environment, since control plane access can give an attacker authority over every workload the cluster runs. Bringing this layer under the same unified monitoring console as the rest of the infrastructure closes a visibility gap that has historically been difficult to address.

The GitHub Actions scanning capability targets a specific and increasingly exploited attack pattern: misconfigured automation workflows. Issues such as unsafe trigger conditions, improper handling of external input and insecure versioning can allow an attacker to redirect a legitimate build pipeline to execute arbitrary code. KCS can now detect these conditions during repository scanning, and the scanner can be embedded directly into CI/CD workflows or run independently - giving teams flexibility in how they integrate security checks without requiring pipeline redesign.

Performance and Operational Efficiency Improvements

Security tooling that imposes significant overhead on the environments it protects tends to be deprioritised or disabled under operational pressure - a dynamic that undermines the purpose of the tool entirely. The new KCS release addresses this directly with performance optimisations at the agent level.

  • Node-agent performance has been improved by a factor of 2.5, allowing processing of large rule sets without measurable impact on CPU or memory consumption in running pods.
  • Dynamic admission control request handling is now ten times faster, achieved through optional scan result caching that eliminates redundant queries to the product core.
  • Agent configuration can now be updated dynamically without redeploying node-agent pods, removing the downtime previously associated with configuration changes at scale.
  • Scanned container images can be exported as a software bill of materials (SBOM), supporting integration with vulnerability management tools and providing full traceability across the software supply chain.
  • Access controls for CI scan results can now be configured to reflect an organisation's project visibility and data isolation requirements.

The SBOM export capability deserves particular attention in the current regulatory environment. Governments and industry bodies in several jurisdictions have moved toward requiring software suppliers to provide machine-readable inventories of the components in their products. The ability to generate this documentation directly from the scanning workflow reduces the manual effort required to meet those obligations.

The Broader Context: Security and Speed as Complementary Goals

The underlying tension the KCS update is designed to address - between moving quickly and maintaining security - reflects a maturation in how organisations think about DevSecOps. The model that treats security as a gate applied at the end of a development process is broadly understood to be both ineffective and expensive; defects caught late in the pipeline cost more to remediate and are more likely to reach production. The alternative, embedding security checks throughout the development lifecycle, requires tooling that is fast enough to not become a bottleneck and flexible enough to accommodate the specific compliance context of each organisation.

"We believe that container security must be as flexible and fast as containerisation itself," said Anton Rusakov-Rudenko, Senior Product Marketing Manager for Cloud and Network Security at Kaspersky. "This release helps to effectively bridge the gap between rapid deployment and strict compliance, protecting infrastructure against the latest cyber threats, without operational overhead."

The ITWeb Security Summit context is relevant here: the event provides a forum where practitioners and vendors exchange current threat intelligence and operational experience, and Kaspersky's announcement reflects the kinds of concerns actively circulating in that community. Supply chain integrity, control plane visibility and compliance automation are not theoretical priorities - they are the practical challenges security engineers are working through in production environments right now. Whether the KCS update meets those needs in practice will depend on deployment experience, but the capabilities it introduces are squarely aimed at the gaps that matter most in containerised enterprise infrastructure today.