Host Security Service (HSS) upgrade: new version and container package


Flexible Engine
Release Notes

April, 2023


What’s new?

Flexible Engine users can now enjoy an additional layer of security through this latest upgrade : containers can now be protected and supported by Host Security Service (HSS).

Host Security Service (HSS)

What is it?

Host Security Service (HSS) is a reliable security management tool for servers. It improves overall host security and provides features such as vulnerability management, asset management, baseline inspection and intrusion detection to immediately discover intrusions and meet compliance requirements.

How it works

To use HSS, the agent needs to be installed on Elastic Cloud Servers (ECSs), allowing O&M teams to centrally manage host security through the security management center.

  1. If you are already using HSS, you can still access the old console by clicking on the “access old console” button.
  2. A new package is now available for container protection: Container Guard Service (CGS)

Container Guard Service (CGS)

What is it?

Container Guard Service (CGS) protects containers from vulnerabilities, escape attacks, intrusions, and malicious code by scanning container images and implementing the security policies you define.

Application scenarios

  • Container Image Security : external images, including those downloaded from Docker Hub, contain vulnerabilities. Image vulnerabilities can also be inadvertently introduced through the use of open-source frameworks. It is time consuming to manually find and fix all the vulnerabilities.
  • Container Runtime Security : Container behaviors are immutable. CGS helps enterprises develop a whitelist of container behaviors to ensure that containers run with the minimum permissions required and are secure against threats.

For more information on these services please visit Help Center (orange-business.com)