As enterprises scale their digital operations and migrate to modern, cloud-native application platforms, security teams are consistently confronted with significant challenges. The dynamic and distributed nature of these environments makes traditional, perimeter-focused security tools and methodologies inadequate. Security for a modern hybrid cloud environment requires granular visibility, context-aware protection, and unified management from continuous integration/continuous deployment (CI/CD) pipelines to live production runtimes. This fundamental shift toward using containers, virtual machines (VMs), and AI in hybrid cloud architectures introduces complex new security challenges. Points of exposure include:

  • "Cluster-blind" EDR: Traditional Endpoint Detection and Response (EDR) tools, designed for VMs and bare metal, lack the context to effectively monitor the ephemeral nature of pods, containers, and services within a managed application platform. They often go "cluster-blind," missing critical runtime threats and lateral movement.
  • Fragmented tooling and alert fatigue: Niche container security tools focus solely on specific aspects like image scanning or compliance, creating fragmented security. Managing disparate tools for posture, runtime, and application security leads to complex workflows, inconsistent policy enforcement, and overwhelming alert fatigue for security teams.
  • DevOps friction: Security gate-checks that aren't a native extension of a code-to-cloud platform slow down CI/CD pipelines, forcing DevOps teams to choose between speed and security, effectively introducing an "innovation tax."

The solution: Cortex Cloud's deep, native integration with Red Hat OpenShift

Palo Alto Networks and Red Hat have collaborated to deliver a deep, native integration that provides more consistent and comprehensive security capabilities across all Red Hat OpenShift environments, including containers, VMs, and AI deployments.

This solution taps Palo Alto Networks’ security stack, specifically optimized for Red Hat OpenShift, merging:

  1. Unified posture management (powered by KSPM Connector):
    • The KSPM Connector provides continuous, in-depth visibility into the configuration of the OpenShift cluster control plane, namespaces, worker nodes, and deployed workloads.
    • It checks for misconfigurations against industry benchmarks (e.g., CIS, NIST, PCI, CSA) and organizational best practices.
    • This is crucial for providing a more consistent security posture across self-managed clusters and managed services like Red Hat OpenShift Service on AWS and Microsoft Azure Red Hat OpenShift, including support for the latest Red Hat OpenShift 4.18.
    • Native OpenShift Registry protection: Strengthen the security of your development lifecycle with automated discovery and scanning of the built-in OpenShift registry for vulnerabilities, malware, and secrets. This feature offers "zero-friction onboarding" by automatically creating a registry data source during cluster setup, using a cost-optimized scanning methodology to allow continuous protection without impacting production performance.
  2. Real-time protection (powered by Cortex XDR Agent):
    • This is a hardened layer of runtime protection purpose-built for modern, cloud-native stacks.
    • The agent integrates with Red Hat Enterprise Linux CoreOS (RHCOS), providing resilient protection with minimal impact on performance.
    • It delivers Active Runtime Threat Prevention by monitoring for exploits targeting containerized applications, detecting sophisticated attacks like supply chain compromises, and preventing lateral movement between pods. It helps to protect against threats such as credential theft, malicious behavior, resource hijacking, and cryptojacking without adding operational friction.

The business value of convergence: Efficiency, scale, and risk reduction

Together, we want to deliver security as an accelerator, not a roadblock. This requires embedding security features into existing workflows. Cortex by Palo Alto Networks expands industry-leading security capabilities directly into your modern hybrid cloud infrastructure, providing a single, unified platform for security teams to see and enhance the security of everything within their IT estates. By extending advanced security capabilities into Red Hat OpenShift, together we allow enterprises to eliminate the need for disconnected point products. This work bridges the gap between real-time protection and posture management within Red Hat OpenShift environments. The focus is not on features; rather, it is on reducing operational complexity and accelerating business outcomes.

  • Operational consolidation: By extending our advanced security capabilities into Red Hat OpenShift, enterprises eliminate the need for disconnected point products. This means one set of APIs, one policy engine, and one user interface (UI) for your platform engineering and SOC teams, drastically reducing tool sprawl and management overhead.
  • Zero-friction onboarding: Our solution offers zero-friction onboarding, preventing OpenShift clusters from being "born" unprotected. The simplified, unified workflow reduces time-to-protection from days to minutes.
  • Accelerated innovation with reduced risk: By making it possible to embed native Palo Alto Networks security functions into Red Hat OpenShift, security enhancements become invisible to developers while remaining comprehensive for the SOC. This allows DevOps teams to move faster with the confidence that a strong security posture is enforced by default.

The cornerstone of this partnership is the unified OpenShift onboarding experience. Easily deploy the KSPM Connector and the Cortex XDR Agent in a single, streamlined workflow, allowing for immediate, end-to-end systems security coverage from Day 1. With this simplified experience, customers no longer have to choose between posture and real-time IT security. They can deploy with greater confidence knowing security is at the forefront of their OpenShift infrastructure.

Key takeaways:

  • Convergence is key: Unify Kubernetes posture management (KSPM) and real-time monitoring and protection (CDR) into a single platform to eliminate security fragmentation and alert fatigue.
  • Native to OpenShift: The solution is deeply integrated and optimized for Red Hat OpenShift, including RHCOS and managed services (Red Hat OpenShift Service on AWS, Azure Red Hat OpenShift) for more consistent, low-friction security capabilities.
  • Accelerate DevOps: Zero-friction onboarding and a unified platform reduce the "security tax," allowing your developers to innovate at speed without compromising system security.
  • Proactive defense: Go beyond visibility with active runtime threat prevention to stop breaches in real time, protecting against critical exploits and lateral movement within your clusters.

To learn, test, and configure Red Hat OpenShift and Cortex, check out the following resources: 

Resources:


About the authors

Giri Venkataraman is a Principal Solution Architect with the Global Ecosystem team at Red Hat. He works with partners to enable and market joint solutions that advance customers’ cloud-native and AI journeys by modernizing application development and delivery and reducing time-to-market. Prior to joining Red Hat in 2021, Giri spent 20+ years working with organizations in the financial services, data integration, and insurance industries to develop, mature, and automate their DevSecOps processes, helping their lines of business deliver innovative customer experiences and lower their operational costs.

Nadav Shai Kanon is a cybersecurity expert and Solution Architect for Cortex Partners at Palo Alto Networks. With a deep passion for artificial intelligence, Nadav focuses on leveraging cutting-edge AI technologies to solve complex security challenges and protect organizations against evolving digital threats. He has been with Palo Alto Networks since 2022 and is dedicated to driving innovation in the modern cybersecurity landscape.
