Tenable Announces Support for Microsoft Azure Linux: A New Way to Achieve Secure Container Development

With the launch of Azure Linux container host for Azure Kubernetes Service, Microsoft enters the open-source Linux distribution container sphere with enhanced security Kubernetes experience. In this blog, we explain key features of Azure Linux and how Tenable can support the security needs of Microsoft customers.

Microsoft Azure Linux is a newly launched container host that provides reliability and consistency from cloud to edge across the Azure Kubernetes Service (AKS), AKS-HCI, and Azure Arc products. Azure Linux node pools can be deployed in a new cluster, added to existing Ubuntu clusters or migrate Ubuntu nodes to Azure Linux nodes. This gives Microsoft customers one place to do all Linux development in a lightweight and agile container environment, reducing the attack surface.

According to Jim Perrin, Principal PM, Microsoft Azure Linux at Microsoft, “With Azure Linux, customers see benefit from the value of having a secure, performant, and fully native AKS container host. Microsoft controls the supply chain for Azure Linux end to end, resulting in a more streamlined image tailored and optimized for AKS. Azure Linux provides a consistent k8s experience throughout the developer and production lifecycle coupled with the level of support you expect from Microsoft.”

Microsoft has been a longtime member of the Tenable partner ecosystem. We recently announced the general availability of Agentless Assessment for Azure and we see the launch of Azure Linux as an important step forward in creating a more secure cloud environment.

Why is Azure Linux more secure?

The reason is simple: Azure Linux container host for AKS is lightweight and only holds the necessary set of packages needed to function. Therefore there aren’t unnecessary packages that could hold vulnerabilities. This gives security teams less to patch and maintain and they know that they aren’t remediating inconsequential packages.

Additionally, Microsoft says that the kernel and other aspects of the OS are built with an emphasis on security and follow the secure-by-default principle, compliant with Microsoft security standards and industry certifications.

Building on key security integrations with Tenable

Microsoft Azure Linux is supported by Tenable Cloud Security. Core featureslike scanning the Azure DevOps Repository, and the integration into the Azure DevOps pipeline — ensures that pipelines are scanned for violations and disabled if high severity violations are found in the code.

The introduction of Agentless Assessment for Azure in Tenable Cloud Security extends our Cloud Security Posture Management capabilities for Microsoft Azure to include vulnerability detection for misconfigurations.

Tenable also has Kubernetes Security Posture Management (KSPM) capabilities for Microsoft Azure environments and a dedicated CIS profile and certification for AKS and Microsoft services across Tenable Cloud Security, Tenable Nessus and Tenable Security Center (formerly Tenable.sc). For more information on key industry frameworks such as CIS and how to operationalize them as part of your security program read the blog: “7 Regulatory and Compliance Frameworks with Broad Cloud Security Implications.”

Tenable is looking forward to helping our customers evaluate and adopt Azure Linux for secure Linux distribution and deepening our integration with Microsoft.

Learn more

• Read the blog, Introducing Tenable Cloud Security Agentless Assessment for Microsoft Azure
• Join us for a Cloud Security Coffee Break
• Check out Microsoft's Azure Linux Documentation for more details