Cloud cost management platform provider Cast AI has launched Cloud Security Insights, a free security analytics tool that integrates with a company’s AI-powered cloud optimization platform. organization.
The platform, which is free for all users, aims to help DevOps and DevSecOps teams manage cloud resources, cloud optimization, and Kubernetes security.
It represents the second pillar of Cast AI’s standalone Kubernetes management platform, adding to the suite of tools to automate Kubernetes cost reduction, cloud resource provisioning, and security monitoring on Google. Cloud, Amazon Web Services (AWS), and Microsoft Azure.
The vendor-neutral platform provides users with fully automated reports containing Kubernetes configuration checks, helping to ensure that clusters are configured according to best practices for pods and workloads. The user interface provided details of individual checks and resources.
The platform also offers vulnerability scans for insight into potential issues that could arise due to container images downloaded from public registries, as well as 24/7 visibility into Kubernetes cluster configurations. .
Additionally, container image vulnerability detection and security recommendations can be organized and presented in order of priority.
Other features help users achieve security and regulatory compliance and provide a common platform for security and development team integration and collaboration.
“In addition to comprehensive cost monitoring, you now receive personalized security recommendations to mitigate security issues for cloud-native workloads,” says Laurent Gil, co-founder of Cast AI and CPO. “You just need to create an account and connect your AWS, Google or Azure Kubernetes applications.”
Gil adds that Security Insights can be used for multi-cloud or single-cloud environments, and it provides the same security alerts and insights regardless of which cloud providers the organization uses, with a common and simple control plane.
There are, of course, native tools that handle these tasks. Microsoft offers Microsoft Defender for Containers, for example, which covers more but costs $7 per CPU per VM. It also forces customers to install an agent on their resources.
Google Cloud runs a vulnerability assessment service for images at a price of $0.26 per scanned container image, while security for Kubernetes includes this service and vulnerability assessment in the pre-general release.
“However, we are already seeing that we are able to detect many other best practice violations,” says Gil. “The value is in the platform – Security Insights and cloud optimization make your applications secure and autonomous at the same time, with instant ROI.”
In short, Gil says users get “powerful and comprehensive” insight into Kubernetes security monitoring as well as instant ROI where the cost of Cast AI is still a fraction of the savings.
“Apps now run securely and autonomously, with instant resizing and one of the fastest autoscalers on the planet,” he adds.
Kubernetes environments pose several challenges
Mike Parkin, senior technical engineer at Vulcan Cyber, a SaaS provider for enterprise cyber risk remediation, points out that Kubernetes (aka k8s) environments present several specific challenges.
“These include compromised images, visibility into the environment, establishing and maintaining secure configurations, and a range of other issues related to securing containerized images in the cloud. “, he explains.
It adds everything that can help a security operations team consolidate their tools and give them more context and clarity.
“It does whether it’s a single, focused tool that covers multiple aspects of a deployment, or a risk management tool that brings other tools together,” Parkin says.
John Steven, CTO at automated threat modeling vendor ThreatModeler, says that as a deployment orchestrator, Kubernetes will dominate an organization’s alignment challenges, whether it’s hybrid/multicloud or data center-based. data.
“Indeed, the point of Kubernetes is to abstract management from the underlying infrastructure, replacing it with its own schema,” he says. He explains that managed Kubernetes solutions simplify scaling out because the cloud service provider’s (CSP) control over the underlying infrastructure makes it appear infinite.
Managed solutions also make it easier and more secure to integrate key CSP-specific services, such as directory services, persistence solutions or learning APIs, into a Kubernetes application, he said. .
“However, organizations can also feel like managed k8s are chained together – tying them to a particular vendor through configuration, service, and administrative idiosyncrasies,” Steven says.
He notes that organizations with exceptionally high availability requirements may struggle to provide multicloud resiliency against the failure of a single CSP availability zone or region.
“In practice, managed k8s trade off the complexity of multicloud k8s for the idiosyncrasy and lock-in of single-cloud management,” he says. “Given the above, it is strategic for security solutions to target k8s. Providing visibility into clusters fulfills a critical need.”
Steven adds that more than one startup has suffered a multi-day outage because a misconfiguration of k8 took a critical business function offline, or because storage, memory, or compute allocation claims set a ceiling too low for maximum use during intensive use.
“If companies start to view k8s as an unreliable platform — even if they don’t have the expertise to use it — they will move on to simpler solutions,” he says.
#Cast #presents #Cloud #Security #Insights #Kubernetes