Rapid7 this week announced it has acquired Alcide, a provider of a platform for securing Kubernetes, for $50 million as part of an effort to unify cybersecurity across multiple platforms.
Brian Johnson, senior vice president for cloud security at Rapid 7, says that as Kubernetes gains traction, IT organizations will need to consistently apply security polices to container environments as well existing virtual machine platforms.
Rapid7 last year acquired DivvyCloud to gain access to a cloud security posture management (CSPM) platform. That capability was added to an existing Insight platform that spans everything from vulnerability management and user behavior analytics to orchestration and automation.
Johnson says Rapid7 plans to merge Alcide’s Kubernetes security capabilities with DivvyCloud’s CSPM capabilities so IT organizations can centralize security management across multiple platforms. Alcide provides a cloud workload protection platform (CWPP) that not only provides real-time visibility into potential security threats to container runtimes, but also provides a set of integrated network monitoring capabilities.
Ultimately, Rapid7 is moving toward enabling cybersecurity teams to apply policies to IT infrastructure based on a unique identity assigned to every element of the IT environment, Johnson says. That capability will make it possible to apply security policies consistently within the context of a zero-trust architecture, regardless of what type of workload is running, Johnson says.
It’s unclear to what degree IT organizations will opt to deploy container security platforms independently of the rest of the frameworks they rely on to secure legacy environments. DevOps teams that have embraced DevSecOps tend to prefer platforms that are easily integrated into programmatic workflows. Cybersecurity teams, however, tend to prefer managing security via a central console that enables them to uniformly apply policies using graphical tools that don’t require much programming expertise.
Johnson says he believes a cybersecurity Renaissance is coming, as processes spanning multiple platforms become more automated. There simply aren’t enough cybersecurity professionals available to manually manage security workflows across a rapidly expanding attack surface. Developers, meanwhile, may develop cybersecurity expertise, but it’s impractical to assume they’ll take full responsibility for security; they generally have their hands full building and deploying applications. Learning security best practices they then need to consistently apply across multiple application development projects is, realistically, beyond the capability of most developers, Johnson says.
Instead, what’s required is a security platform capable of keeping pace with the rate of modern application development and deployment; one that doesn’t necessarily require organizations to meld what are two very different cultures, says Johnson.
There are simply too many people trying to manage too many processes without any real context about the potential business impact a security event might have, Johnson says. Every time a new security issue arises, most IT teams are still unsure to what degree they might actually be impacted, because no is quite sure what precise code is actually running, says Johnson.
Securing IT environments remains a major challenge. However, as cybersecurity automation is paid more attention, both developers and cybersecurity teams will reap the benefits.