Cloud-native applications require advanced security controls
Protecting cloud-native applications requires significant changes in how we approach security. We must apply controls earlier in the application development life cycle, use the infrastructure itself to apply controls, provide developer-friendly guardrails, and keep up with increasingly rapid release schedules.
Red Hat® Advanced Cluster Security for Kubernetes, powered by StackRox, protects your vital applications across build, deploy, and runtime. Our software deploys in your Kubernetes infrastructure as a self-managed security solution or you can consume it as a fully managed Software-as-a-Service (SaaS). Additionally, it integrates with your existing DevOps tooling and workflows to deliver better security and compliance. The policy engine includes hundreds of built-in controls to enforce DevOps and security-focused best practices based on industry standards such as Center for Internet Security (CIS) Benchmarks and National Institute of Standards Technology (NIST) guidelines, configuration management of both containers and Kubernetes, and runtime security.
Red Hat Advanced Cluster Security provides a Kubernetes-native architecture for platform and application security, allowing DevOps and InfoSec teams to operationalize security.
Features and benefits of Red Hat Advanced Cluster Security for Kubernetes
- Lower operational cost
- Guide development, operations, and security teams towards using a common language and source of truth—driving down the operational costs of team silos.
- Use Kubernetes-native controls across the build, deploy, and runtime phases of the application for better visibility and management of vulnerabilities, policy and configuration violations, and application runtime behavior.
- Reduce the cost of addressing a security issue by catching and fixing it in the development stage.
- Reduce operational risk
- Align security and infrastructure to reduce application downtime using built-in Kubernetes capabilities, such as Kubernetes network policies for segmentation and admission controller for security policy enforcement
- Mitigate threats using Kubernetes-native security controls to enforce security policies, minimizing potential impacts to your applications and infrastructure operations. For example, using controls to contain a successful breach by automatically instructing Kubernetes to scale suspicious pods to zero or kill then restart instances of breached applications.
- Increase developer productivity
- Take advantage of Kubernetes and existing continuous integration and continuous delivery (CI/CD) tooling to provide integrated security guardrails supporting developer velocity while still maintaining the desired security posture.
- Accelerate your organization’s pace of innovation and provide developers actionable guidance by standardizing on Kubernetes as the common platform for declarative and continuous security across development, security, and operations.
|Runtime detection and response||