Docker Enhances Security Operations with Tracebit
Docker, a leader in containerization technology, continuously strives to ensure the highest levels of security for its platform. To bolster its security operations, Docker has partnered with Tracebit, a provider of advanced threat detection solutions for the cloud.
Highlights
"The deployment of Tracebit’s solutions was seamless, integrating effortlessly into our existing infrastructure, deployment pipelines, and SIEM systems. We have observed a notably low false positive rate, which has significantly reduced the noise and allowed our team to focus on genuine threats.”
Tim Welsh
Staff Security Engineer, Docker
Case study
The Challenge
Docker's innovative platform enables developers to build, ship, and run applications anywhere, managing a complex and dynamic infrastructure. Ensuring the security of this extensive operation and protecting user data is a top priority. Docker needed a solution that could seamlessly integrate into its existing systems, providing robust threat detection without disrupting workflows.
The Solution
Tracebit's suite of tools, including AWS Canaries, Canary credentials, and Okta Canaries, provides Docker with the enhanced security measures required. By deploying these solutions, Docker has significantly improved its ability to detect and respond to potential threats. For example, leveraging the light weight integrations including the Terraform deployments enabled coverage of AWS accounts in as little as 10 minutes with no manual efforts. The team has also been able to leverage the Panther integration to instantly integrate Tracebit into their existing SecOps workflows, bringing additional signals to the security team without an additional tool to regularly manage.
Docker's Perspective
"Working with Tracebit has been a significant enhancement to our security posture," said Tim Welsh, Staff Security Engineer at Docker. "The deployment of their solutions was seamless, integrating effortlessly into our existing infrastructure, deployment pipelines, and SIEM systems. We have observed a notably low false positive rate, which has significantly reduced the noise and allowed our team to focus on genuine threats. The comprehensive information provided by Tracebit's tools has been invaluable in rapidly identifying and mitigating real security breaches."
Results and Benefits
Since implementing Tracebit's solutions, Docker has experienced a marked improvement in threat detection and response times. The integration of canary credentials and other detection mechanisms has allowed Docker's security team to quickly identify and mitigate potential threats, ensuring the continued safety and reliability of the platform. The Tracebit deployment has leveled up a range of detections including data exfiltration, lateral movement, privilege escalation, supply chain attacks and credential theft.
"Our partnership with Tracebit has not only enhanced our security operations but also reinforced our commitment to providing a secure environment for our users," added Welsh. "The peace of mind that comes with knowing we have cutting-edge threat detection in place is invaluable."
Looking Ahead
Docker remains committed to maintaining a secure and innovative platform for its users. The collaboration with Tracebit is a testament to Docker's dedication to integrating advanced security solutions that address evolving cybersecurity challenges - we share Tracebit’s vision that canaries have a broad range for highly efficient threat detection and are excited to collaborate further as they build out the platform.
