Real-time identification of security and compliance risks for multi-cluster K8s and Istio deployments integrated with the CI/CD pipeline for DevOps teams
TEL AVIV, Israel, San Francisco, CA – May 15, 2019 – Alcide, the cloud-native network security leader empowering DevSecOps with code-to-production continuous security for workloads running on Kubernetes, today announced the release of Alcide Advisor. Alcide Advisor is a continuous security & hygiene scanner for Kubernetes & Istio, which automatically scans for the widest range of compliance, security and governance risks and vulnerabilities. Already deployed in numerous customer environments, and fully integrated with the CI/CD pipeline, it empowers engineering teams to maintain engineering motion and quickly identify security drifts and risks, even before they are introduced to production. This K8s and Istio advisory continuously scans across the various development stages all the way into production.
The complexity of cloud-native and Kubernetes deployments mandates continuous security capabilities that offer ongoing insights and actionable recommendations to ensure always-on security of deployed applications. Enabling DevOps with a ‘click & run’ experience, Alcide Advisor helps them ramp up their K8s migration and adoption quickly, without compromising on security.
With Alcide Advisor engineering teams can rest assured that the apps they build are deployed and monitored in a secure manner; while DevOps teams benefit from a fast, automated and secured deployments; and cloud architects can stay on top of every change, risk or new user introduced to the system.
“DevOps pushes adoption of cloud-native application technology today, with K8s being a driving force,” says Gadi Naor, co-founder and CTO of Alcide. “By combining the worlds of DevOps with Kubernetes security, these teams can now leverage the agility, speed, security and scale of cloud-native development, without sacrificing security, development flexibility or business velocity. It’s a win-win for Dev, Sec and Ops.”
The Alcide Advisor provides a single-pane view for all K8s- related risk, governance and compliance issues, including auditing, topology, network, policies scans and automated common vulnerabilities and exposure checks. Fully integrated with the CI/CD pipeline, the comprehensive monitoring by the Advisor enables DevOps teams to gain a deeper understanding and tighter control of their distributed and complex Kubernetes projects with a continuous, always-on, dynamic analysis covering:
- Kubernetes Center for Internet Security (CIS) Benchmark
- Kubernetes vulnerability scanning
- Hunting misplaced secrets, or excessive secret access
- Workload hardening from Pod Security to network policies
- Ingress controllers for security best practices
- Kubernetes API server access privileges
- Kubernetes security best practices on AWS
- Kubernetes operators security best practices
- Istio security configuration and best practices
“As a Kubernetes CI/CD that advocates for faster processes and integrating security into the automation pipeline, adding support for Alcide Advisor made a lot of sense to us,” said Dan Garfield, Chief Technology Evangelist, Codefresh. “Alcide Advisor was very easy to work with and now our users can add it to their pipelines within a few seconds to start getting powerful security scans of their connected Kubernetes clusters. Our users are going to love it!”
The Alcide team will be showcasing Alcide Advisor and the Alcide Platform featuring its microservices firewall at KubeCon Barcelona, booth SE 47.
Get Alcide for free by signing up to the Early Access Program.
Alcide is a cloud-native security leader empowering DevSecOps teams to continuously secure and protect their growing multi-cluster Kubernetes deployments. By automatically discovering, managing and enforcing security policies across deployments, Alcide’s Microservices Firewall for K8s and Istio enables unified code-to-production enforcement of security policies spanning networks and workloads. This enables the smooth operation of business apps while protecting cloud deployments from malicious attacks.