HyTrust Adds Kubernetes Security for Free
HyTrust announced today it will deliver an update to security platform for virtual machines that adds support for both Kubernetes and Amazon Web Services (AWS).
Previously, the HyTrust CloudControl only supported virtual machines from VMware. But with the launch of version 6.0 of HyTrust CloudControl, support is being extended to AWS and Kubernetes. HyTrust President and Co-Founder Eric Chiu says in the case of Kubernetes running on top of virtual machines from either VMware or AWS, the support for Kubernetes is being provided at no extra cost. However, organizations looking to secure an instance of Kubernetes on a bare-metal server would have to buy a HyTrust CloudControl license.
HyTrust CloudControl provides a means for consistently applying security controls over what are increasingly becoming hybrid cloud computing environments, says Chiu. In addition, cybersecurity professionals can determine the security posture of any given workloads, assess vulnerabilities in an application image and identify where configurations need to be hardened.
Organizations also can set up workflows that require, for example, two-person approvals to reduce the potential for operator error.
Chiu says the rise of Kubernetes and DevOps processes in general is driving organizations to look for agile ways of maintaining cybersecurity. By providing a centralized mechanism for managing security controls across multiple cloud environments, Chiu says organizations can deploy security controls as a set of YAML files that can be incorporated into any continuous integration/continuous deployment (CI/CD) platform.
Rather than having to implement a separate security platform for instances of virtual machines and Kubernetes running in different environments, it will be a lot more economical for most organizations to centrally manage security both in terms of licensing fees and operational overhead, Chiu says. That latter requirement is especially critical at a time when there is a chronic shortage of trained cybersecurity professionals.
Chiu also notes that HyTrust CloudControl 6.0 drives down compliance costs because it comes with built-in templates for a wide variety of regulations that make it easier to apply, for example, the configuration data collected to the platform for passing an audit.
The biggest challenge cybersecurity professionals face today is that the rate at which applications are being built and deployed is starting to exceed their ability to keep pace. Cybersecurity professionals need to find a way to validate an IT environment is secure without slowing down the rate at which applications are being deployed. That problem is only going to be further exacerbated as organizations embrace microservices-based applications based on containers that allow developers to rip and replace functionality almost at will. Cybersecurity professionals soon could find themselves needing to review application updates daily.
In the meantime, Chiu says IT organizations should start embracing DevSecOps processes to find the ideal middle ground between a need for speed and cybersecurity. After all, deploying more insecure applications at faster rates is not necessarily the goal. The goal is to deploy higher quality applications that include eliminating vulnerabilities long before an application ever gets deployed in a production environment.
