Ermetic announced its Cloud Native Application Protection Platform (CNAPP)
now provides automated capabilities that enable customers to discover
and fix misconfigurations, compliance violations, and risky or excessive
privileges in Kubernetes clusters. Unlike traditional Kubernetes
security tools, Ermetic combines signals from the platform's cloud
workload protection (CWP), infrastructure as code (IaC) scanning, cloud
security posture management (CSPM) and cloud infrastructure entitlement
management (CIEM) functionality to provide full context visibility into
threats.
Kubernetes' powerful facilities for deploying and managing containerized
applications across multiple clouds introduce complex security challenges
including cluster configuration and vulnerability management, network
security, role-based access control (RBAC), secrets management and
runtime security. The Ermetic CNAPP provides a detailed inventory of the
resources inside all Kubernetes clusters, performs continuous posture
assessment and prioritization of risks, and offers guided how-tos and
workflow integrations to accelerate remediation.
"Existing approaches to Kubernetes security typically provide a siloed
view, which results in high false positive rates," said Sivan Krigsman,
Chief Product Officer for Ermetic. "By combining Kubernetes security
posture management with our full stack cloud native application
protection capabilities we provide unprecedented visibility and context,
for accurate risk prioritization and remediation."
Comprehensive Visibility and Control
To provide full and accurate visibility into Kubernetes
resources, Ermetic queries the Kubernetes API for each cluster, and uses
agentless scanning and analysis of node configurations and containers.
These findings, when coupled with intelligence from Ermetic's CWP, IaC
scans, CSPM and CIEM capabilities, enable customers to:
- Get a detailed inventory of Kubernetes resources within clusters
- Detect misconfigurations and vulnerabilities, and access detailed, step-by-step remediation instructions
- Prioritize workload vulnerabilities within the context of cloud configuration, permissions, network access, and more
- Enforce least privilege for users and services using the internal Kubernetes role-based access control (RBAC) mechanism
- Assess and enforce compliance standards for Kubernetes clusters such as CIS benchmarks
Availability
The new Kubernetes security posture management (KSPM)
capabilities are available immediately in the Ermetic CNAPP, from
Ermetic and its business partners worldwide.