Uptycs provides unified supply chain and runtime security for Kubernetes
Uptycs has unveiled new automated code and runtime protections to help security and development teams align on policies, enforce them anywhere, and define remediation workflows — all from a single console. DevSecOps teams can now automate shift-left security controls using fine-grained image policies to detect vulnerabilities, malware, and misplaced secrets throughout the SDLC.
Uptycs also added Kubernetes Goat-based detections and incident response for critical Kubernetes security and misconfiguration scenarios, such as container escape and server-side request forgery (SSRF) exploitation.
“As enterprises accelerate their digital transformation efforts, they’re building new applications and modernizing old ones at a faster pace, and increasingly want to leverage container technology and tailor policies to the needs of different teams and business units,” said Ganesh Pai, CEO at Uptycs.
“With today’s product enhancements, development and security operations teams can enable fast and secure software development by aligning on risk-based policies, security controls, and detections across different container environments and workflows,” Pai added.
Product enhancements bring DevOps and SecOps teams together to reduce risk and benefit customers in multiple ways:
Deeper software supply chain visibility and security for Kubernetes: DevSecOps teams now have end-to-end visibility, traceability, and security of software supply chain components, including source code repositories, CI systems, and container registries. With full image traceability from GitHub pull requests to Kubernetes runtime, customers can mandate flexible policies and incorporate CIS Software Supply Chain benchmarks to enforce source, build, and deployment integrity across their Kubernetes infrastructure.
Built-in DevSecOps controls using image security policies: Using customizable image policy controls for vulnerabilities, secrets, and malware, DevSecOps teams can prioritize fixes and align on remediation guidelines. Security engineers and developers can identify and prioritize risk based on indicators of compromise (IoCs) or mark images as non-compliant if key requirements are not met, including the removal of sensitive data, malware, and exploitable vulnerabilities.
Real-time detections and container remediations based on Kubernetes Goat: Uptycs provides real-world detections and container process remediations to address Kubernetes Goat use cases. Kubernetes Goat is a valuable framework for SecOps teams to learn about the common misconfigurations, vulnerabilities, and threats that can be exploited in Kubernetes clusters. With real-time detection capabilities from the Uptycs Sensor, teams can now easily detect and respond to Goat-defined scenarios such as container breakouts, privilege escapes, and RBAC misconfigurations.