Uptycs CWPP adds agentless scanning

Uptycs added agentless scanning, offering customers more options to secure their cloud workloads. Customers can now use both deployment options, agent-based and agentless, to solve their organizations’ cloud security and compliance challenges.

Users can see compliance, vulnerabilities, and threats across all their K8s clusters, including managed services such as AKS, EKS, and GKE

Extending Uptycs’ existing agentless cloud security offerings, this new feature enables security teams to scan 100% of their cloud workloads quickly—even unmanaged assets—to detect risk including misconfigurations, policy violations, exposed secrets, vulnerabilities, and malware.

Public cloud infrastructure gained popularity because of the ease by which developers could provision new infrastructure, without having to go through IT. However, they often bypass governance controls. Agentless workload scanning ensures that security teams can measure risk for 100% of their cloud workloads, including workloads where application owners don’t allow agents.

“Our customers spoke and we listened. Agentless workload scanning was an important request as security teams looked to remove the organizational friction associated with installing agents,” said Ganesh Pai, co-founder and CEO of Uptycs. “With this addition, our customers can measure security risk across their entire cloud workload estate. With the option to deploy agent-based and agentless workload security, our customers get the best of both worlds—100 percent coverage and continuous runtime security for critical workloads.”

Uptycs’ agent-based workload protection capabilities provide the highest level of security with continuous observation of the runtime, including ATT&CK-mapped behavioral detections and remediation and blocking capabilities. Agentless workload scanning offers compensating controls when installing agents is not possible or in situations where fast and complete coverage is critical, such as when supporting mergers and acquisitions. Key benefits of Uptycs’ agentless workload scanning:

• 100% coverage – With agentless scanning, customers can quickly extend workload security to rogue virtual machines (VM), workloads, or environments that security teams do not have access to.
• Fast, friction-free deployment – Agentless workload scanning gives customers a fast, point-in-time snapshot of the security posture of all workloads in the environment. Customers can measure risk (vulnerabilities and misconfigurations), detect malware, and understand the compliance posture of workloads. It’s completely passive and does not interfere with applications, or require involvement from other teams.
• No customer data leaves the customer’s environment – Unlike other agentless workload scanning offerings, no data leaves the customer environment—only API calls enter and metadata scan results leave. This model preserves customers’ data sovereignty and protects privacy and is important for organizations in highly-regulated industries.
• Customers can choose the combination that best meets their needs – With both options available, customers can deploy Uptycs sensors for workloads requiring the highest level of security, while still ensuring visibility into risks for their entire environment with the agentless deployment.
• Standardized telemetry – The Uptycs agentless workload scanning uses the same technology as the sensor, without requiring agent installation. This means that telemetry is normalized at the point of collection and immediately available for analysis, reporting, and query. Both deployment options are available through one user interface (UI) and offer unmatched customization options such as support for YARA rules.