Uptycs announced enhanced container and Kubernetes security posture management (KSPM) capabilities for its cloud workload protection platform (CWPP) offering.
These capabilities provide real-time detection for containerized workloads, proactive scanning of container images in the CI/CD pipeline, continuous compliance monitoring, and Kubernetes security policy audit and enforcement.
According to Gartner, more than 90% of global organizations will be running containerized applications in production by 2026, up from less than 40% today. But organizations struggle to manage and protect these ephemeral assets. Attackers take advantage of misconfigurations in the control plane and insecure policies at the individual container layer to escalate privileges, escape the container, and compromise nodes to gain code execution.
“Organizations are rapidly scaling their Kubernetes environments and seeing tremendous gains in optimization, availability, and developer productivity, but too often Security teams are left playing catch up,” says Ganesh Pai, CEO and Co-founder of Uptycs. “With telemetry from Kubernetes systems supported by our analytics platform, Security teams know immediately what resources they have and the security posture of those resources—across public and private clouds, scaling to tens of thousands of pods. Combined with our industry-leading container security capabilities, this gives Security teams confidence that they have the proper controls in place to minimize risk while enabling innovation.”
The Uptycs platform provides security observability for cloud-first organizations. Adding telemetry from the Kubernetes control plane and extending scanning capabilities into the CI/CD pipeline closes critical gaps for Security teams. The new Uptycs container and Kubernetes security features enable Security teams to:
- Inventory K8s resources and map relationships – Easily see all your K8s clusters across public and private cloud environments; visually map relationships between clusters, nodes, and pods; filter and search for vulnerabilities and threats by namespace; and drill down into vulnerability, compliance, and threats for each cluster and node.
- Audit and enforce policies – Gain observability into the Kubernetes control plane, perform proactive image assurance to verify secure image configurations, validate existing Kubernetes resources against continuously evolving OPA constraints, and enforce policies at admission time (through the Gatekeeper policy controller) while auditing already-deployed Kubernetes resources against the most recent security policies.
- Simplify compliance at scale – Continuously monitor for compliant configurations (CIS Benchmarks, PCI-DSS, and SOC 2), build customizable audit rules, and identify images with failed policy checks. Uptycs offers compliance monitoring and reporting for both the Kubernetes control plane as well as nodes/pods/containers.
- Secure the DevOps pipeline – Scan containers for vulnerabilities at the build, deploy, and runtime stages of the CI/CD pipeline to reduce or mitigate risk in production. Enable agile DevOps workflows by reducing the time needed to secure and deploy containers. Scan running resources in real time to understand immediately the scope and scale of vulnerabilities in production Kubernetes resources.
- Detect and respond to real-time malicious behavior – Create flexible YARA rules for scanning container processes, starting from 200+ out-of-the-box YARA rules; map container-specific behavioral detections to the MITRE ATT&CK framework; monitor for connections to known-bad domains and IP addresses; and proactively scan for threats with a constantly updated APT database.
Uptycs supports fully managed Kubernetes environments (AWS EKS, Azure AKS, Google GKE) as well as self-managed ones, including VMware Tanzu and Google Anthos. For containers, Uptycs supports multiple container runtimes (Docker, containerd, CRI-O).
The new KSPM capabilities supported by the Uptycs platform are generally available now.