Red Hat Advanced Cluster Security for Kubernetes

Jump to section

What is Red Hat Advanced Cluster Security for Kubernetes?

Red Hat Advanced Cluster Security for Kubernetes is a Kubernetes-native security platform that equips you to build, deploy, and run cloud-native applications with more security. The solution helps protect containerized Kubernetes workloads in all major clouds and hybrid platforms, including Red Hat OpenShift, Amazon Elastic Kubernetes Service (EKS), Microsoft Azure Kubernetes Service (AKS), and Google Kubernetes Engine (GKE).

Red Hat Advanced Cluster Security for Kubernetes is included with Red Hat OpenShift Platform Plus, a complete set of powerful, optimized tools to secure, protect, and manage your apps.

Advanced Cluster Security in 2 Minutes

Container technology illustration

Fully managed SaaS delivery

Achieve faster time to value by quickly deploying Red Hat Advanced Cluster Security for Kubernetes as a fully managed Software as a Service (SaaS) solution that reduces costly maintenance and management activity. With no infrastructure to manage, security operators can instead focus on risk reduction and incident triage.

Provide developers with automated guardrails

Red Hat Advanced Cluster Security integrates with DevOps and security tools to help you mitigate threats and enforce security policies that minimize operational risk to your applications within your Kubernetes environment.

It also enables you to provide developers with actionable, context-rich guidelines integrated into existing workflows, along with tooling to support developer productivity.

Red Hat Advanced Cluster Security reduces the time and effort needed to implement security by acting as a common source of truth, so you can streamline security analysis, investigation, and remediation.

Red Hat Advanced Cluster Security for Kubernetes

Features & benefits

Secure the software supply chain

By integrating with your CI/CD pipelines and image registries, Red Hat Advanced Cluster Security provides continuous scanning and assurance. By shifting security left, vulnerable and misconfigured images can be remediated within the same developer environment with real-time feedback and alerts. Integration with Cosign/sigstore delivers security attestation for your assets, including image and deployment signing, for security validation and tamper detection.

Protect the Kubernetes infrastructure

Whether on-premises or in the cloud, Red Hat Advanced Cluster Security delivers Kubernetes security posture management (KSPM) capabilities to ensure the underlying Kubernetes infrastructure remains hardened and protected. Red Hat Advanced Cluster Security continuously scans your environment against CIS benchmarks and other security best practices and prevents misconfigurations and threats to deliver comprehensive Kubernetes-native protection.

Defend the workloads

A vast array of deploy-time and runtime policies come standard with Red Hat Advanced Cluster Security to prevent risky workloads from being deployed or running. Red Hat Advanced Cluster Security monitors, collects, and evaluates system-level events such as process execution, network connections and flows, and privilege escalation within each container in your Kubernetes environments. Combined with behavioral baselining and allowlisting, it detects anomalous activity indicative of malicious intent such as active malware, cryptomining, unauthorized credential access, intrusions, and lateral movement.

Additional benefits

Vulnerability management

Identify and fix vulnerabilities in both container images and Kubernetes across the entire software development life cycle.


Audit your systems against CIS Benchmarks, NIST, PCI, and HIPAA, with interactive dashboards and one-click audit reports.

Network segmentation

Visualize existing vs. allowed network traffic and enforce network policies and tighter segmentation using Kubernetes-native controls.

Risk profiling

See all your deployments ranked by risk level, using context from Kubernetes’ declarative data, to prioritize remediation.

Configuration management

Apply best practices to hardening your Kubernetes environments and workloads for a more secure and stable application.

Detection and response

Use rules, allowlists, and baselining to identify suspicious activity, and take action to thwart attacks, using Kubernetes for enforcement.

Container thumbnail image

KuppingerCole Report Leadership Compass: Container security

Get a comprehensive overview of the container and Kubernetes security market to help you evaluate and select the right container security solution.

Contact sales

Talk to a Red Hatter