Product showcase: CIOs can optimize and secure hybrid IT environments with Runecast

As cybersecurity and regulatory compliance become the two largest concerns of corporate boards (Gartner, 2021), many organizations are adding cybersecurity experts specifically to scrutinize security and risk issues.

Modern hybrid data center architectures span on-premises, physical and virtual machines (VMs), or multiple public cloud infrastructures. To meet and control the unique requirements of complex hybrid environments is time-consuming for IT teams. With increasing budgetary requirements, companies have to balance between high maintenance costs and having adequate funding for security.

Runecast moves organizations ahead of these challenges with automated discovery and single-platform visibility of issues for IT Security and Operations teams. Built by admins for admins, Runecast enables a proactive approach to operational transparency, vulnerability and configuration management, security compliance and remediation of issues. Teams no longer have to reactively put out fires and can work more efficiently toward business growth drivers.

A solution from its inception

Runecast began as an answer to a problem that many IT teams were having, including its founders: after hours or even days of searching for root causes to problems, 90% of the issues discovered (reactively) within their environments had been already documented – and could have been avoided with the assistance of automation. Runecast founders designed a way to capture that readily available information and leverage it for a proactive approach to ITOM, CSPM and more.

Using a patented rules engine with RAIKA (Runecast AI Knowledge Automation) and multiple industry-standard data sources (ranging from Knowledge Base articles to forums and security standards), Runecast monitors configuration drift, vulnerabilities, alignment with best practices and security compliance posture.

Security teams benefit

Time is precious, and Runecast enables security teams to use limited time more efficiently, to get back to the value-adding work that IT teams should be doing. It automates vulnerability management and security compliance for custom profiles and the most common standards – such as CIS Benchmarks, NIST, HIPAA, PCI DSS, DISA STIG, BSI IT-Grundschutz (Germany), ISO 27001, GDPR, Cyber Essentials (UK), Essential 8 (Australia) and more.

All analysis of your hybrid cloud environment runs locally on the Runecast appliance, meaning that no data needs to be sent beyond your control (e.g. to third-party support).

Operations teams benefit

Runecast monitors for any misconfigurations and provides remediation for issues it discovers within systems such as AWS, Azure, Kubernetes, Linux Red Hat, VMware and Windows.

Built upon the idea that knowledge is power, Runecast provides operations teams the latest available information, both in terms of their systems and environments as well as the best-practices and benchmarks that guide remediation.

Key technical capabilities

  • Hardware Upgrade Simulations
  • Best Practice Alignment
  • Configuration Drift Management
  • Remediation Scripts
  • Vulnerability Assessment
  • Security Compliance Audits

Runecast has a number of features built in that our customers love. One such time-saving feature is the Hardware Upgrade Simulation. Comparing your hardware against the VMware Hardware Compatibility List (HCL), Runecast simulates a hardware upgrade. This shows you which pieces of your hardware will be compatible or not with the new version, to ensure that upgrade planning takes less time, is more certain and goes according to plan.

Hardware compatibility

Runecast also has a database of best practices for preventing issues on AWS, Azure, Kubernetes and VMware (including SAP HANA on vSphere, Pure Storage on vSphere, and vSphere on Nutanix). This database audits your environment continuously, reports any violations it finds and tracks where configurations have changed.


Speaking of configuration changes, Runecast has a Configuration Vault that stores details of your environments and their changes over time. This enables you to monitor your configurations and see where they have drifted away from your ideal setup. Once identified, unwanted drift can quickly be resolved.

Configuration Vault

Which brings us to Remediation. This feature automatically generates a remediation script with a click of a button, which can be downloaded or copied and pasted directly into either Ansible or PowerCLI. This step ensures that an administrator has made a final validation, or submitted it to any internal change review process, before the fix is implemented. This enables admins to swiftly take action against any risks found within the environment.


Runecast is also packed with security features and information. The Vulnerabilities feature is built to highlight any applicable vulnerability for all your connected systems, with regular updates. This gives you the confidence to be proactive in your approach to vulnerability management, knowing that you have the latest information at your fingertips.

Security Compliance

Forward-focused organizations already using Runecast Analyzer to mitigate service risks and ensure maximum uptime and security for their IT infrastructures include: Chevron, DocuSign, Erste Bank, Raiffeisen Bank, de Volksbank, Near East Bank, Scania, Avast Software, Notino, University of St Andrews, DHU Health Care (NHS 111 call service provider), and the German Aerospace Center (DLR).

To learn what Runecast can do for you and your organization, please request a trial or contact us via

Don't miss