Alcide Secures Multi-Kubernetes Cluster Environments
Alcide has extended the reach and scope of its container security platform to include multiple clusters and the service mesh employed across them.
At the same time, Alcide has bolstered the machine learning algorithms it embeds in its platform to make it easier to identify potential security issues such as misconfigurations or excessive network policies permissions before they can be exploited by cybercriminals. The company is taking advantage of these algorithms to add support for both Domain Generation Algorithm (DGA)-based malware detection capabilities and peer container analysis to establish a baseline for what constitutes normal behavior in a container environment.
Alcide has also made it possible to embed policies directly onto the workload to enforce runtime microsegmentation whenever and wherever a workload is deployed, along with the ability to share threat alerts with third-party operational management platforms.
Finally, Alcide announced that its namesake security platform is now also available on the Google Cloud Platform (GCP).
Alcide CTO Gadi Naor says that approach enables organizations to pursue a more proactive approach to DevSecOps because once machine learning algorithms identify those issues, it becomes easier for developers to remediate those vulnerabilities as part of their DevOps processes. All the potential cybersecurity issues pertaining to containers, the Kubernetes clusters they run on and the Istio service mesh employed to manage application services are discoverable by the Alcide platform and displayed via a single dashboard, he says.
In general, Naor notes, containerized applications remain more secure than traditional monolithic applications that rely on patches to address security issues. In contrast, security fixes made to a containerized application only require developers to rip and replace a few containers.
However, containerized applications tend to be more complex to manage because there are so many moving parts. Taking advantage of algorithms and automatically applying policies to specific types of workloads makes it possible for cybersecurity professionals to keep pace with the rate of change in container environments spanning multiple clusters that increasingly are being deployed in multiple clouds, he says.
That level of complexity naturally will force more organizations to address the need to define a set of best DevSecOps practices. The rate of change within containerized application environments is not something cybersecurity teams will be able to keep pace with on their own. They will need to rely on developers to back security controls directly within applications that are automatically invoked whenever that application is deployed in a production environment.
Naturally, it may take a while to train developers just what cybersecurity controls should be applied when. But each time a cybersecurity control is overlooked, it should be relatively trivial to first identify the issue and then address it via the same DevOps processes relied on to continuously update that application. In that sense, cybersecurity issues become a standard part of any quality assurance process. Of course, that goal can only be achieved if the DevOps teams has visibility to the vulnerabilities that need to fixed in the first place.
