News & Views
Aqua Security launches KSPM
A suite of Kubernetes security posture management (KSPM) and agentless runtime protection to defend organizations against multiple threats to K8s-based applications has been launched by Aqua Security (www.aquasec.com).
“The large-scale use of Kubernetes, as well as developments in the threat landscape, necessitate a comprehensive approach to securing applications that goes beyond generic benchmarks, providing seamless workload protection in runtime. We’ve been working with our enterprise customers to make it easier to securely deploy and seamlessly protect applications that run on Kubernetes, while complementing our existing capabilities in Kubernetes and container security,” explains Amir Jerbi, CTO and co-founder at Aqua.
“Aqua’s new Kubernetes security solution addresses the complexity and short supply of engineering expertise required to configure Kubernetes infrastructure effectively and automatically, by introducing KSPM – Kubernetes Security Posture Management – a coherent set of policies and controls to automate secure configuration and compliance.”
With its new Kubernetes Runtime Protection module, Aqua introduces a new model for deploying security runtime controls in a Kubernetes cluster, complementing its existing container runtime security deployment options.
“This new model leverages Kubernetes Admission Controllers to deploy and govern sidecar containers within Pods, in a similar fashion to other cloud native tools such as Envoy,” continues Jerbi.
“This mode of deployment enables greater automation of deployment and does not require any privileges on the node’s host OS, while providing dynamic runtime controls such as container drift prevention, behavioural controls, and network controls.”
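As an added illustration of the deployment model Jerbi describes, and not Aqua's own code, the Python below sketches the core of a mutating admission webhook that injects an unprivileged sidecar into each Pod as it is admitted; the sidecar name, image and the sample AdmissionReview are constructed placeholders.

```python
import base64
import json

# Constructed sidecar spec for a hypothetical, unprivileged runtime-protection agent;
# the image name is a placeholder, not a real vendor image.
SIDECAR_NAME = "runtime-guard"
SIDECAR = {
    "name": SIDECAR_NAME,
    "image": "example.invalid/runtime-guard:1.0",
    "securityContext": {
        "privileged": False,
        "allowPrivilegeEscalation": False,
        "readOnlyRootFilesystem": True,
        "runAsNonRoot": True,
        "capabilities": {"drop": ["ALL"]},
    },
}

def build_patch(pod: dict) -> list:
    """JSON Patch (RFC 6902) that appends the sidecar; [] if it is already present."""
    containers = pod.get("spec", {}).get("containers") or []
    if any(c.get("name") == SIDECAR_NAME for c in containers):
        return []  # idempotent on UPDATE or repeated admission
    if not containers:  # no list yet: create it instead of appending to nothing
        return [{"op": "add", "path": "/spec/containers", "value": [SIDECAR]}]
    return [{"op": "add", "path": "/spec/containers/-", "value": SIDECAR}]  # "-" appends

def mutate(review: dict) -> dict:
    """Handle one AdmissionReview request and build the AdmissionReview response."""
    req = review["request"]
    resp = {"uid": req["uid"], "allowed": True}
    is_pod = req.get("kind", {}).get("kind") == "Pod"
    if is_pod and req.get("operation") in ("CREATE", "UPDATE"):
        patch = build_patch(req["object"])
        if patch:  # the API server expects the patch base64-encoded
            resp["patchType"] = "JSONPatch"
            resp["patch"] = base64.b64encode(json.dumps(patch).encode()).decode()
    return {"apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview", "response": resp}

def decode_patch(review_response: dict) -> list:
    """Decode the base64 JSON Patch out of a response (for inspection and tests)."""
    raw = review_response["response"].get("patch")
    return json.loads(base64.b64decode(raw)) if raw else []

# Constructed sample request, shaped like what the API server POSTs to a webhook.
SAMPLE_REVIEW = {
    "apiVersion": "admission.k8s.io/v1", "kind": "AdmissionReview",
    "request": {"uid": "00000000-0000-0000-0000-000000000001", "operation": "CREATE",
                "kind": {"group": "", "version": "v1", "kind": "Pod"},
                "object": {"spec": {"containers": [{"name": "app", "image": "example.invalid/app:1.0"}]}}},
}
```

In a cluster the handler is served over TLS and registered through a MutatingWebhookConfiguration; the securityContext on the injected container is what keeps the sidecar from needing host-level privileges, the property the quote emphasises.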
In addition to the extensions to Kubernetes security capabilities, this latest release adds many new features and enhancements, including: a new customizable dashboard; AWS Bottlerocket support; auto-remediation for Azure in Aqua CSPM; new compliance reports in Aqua CSPM; and VM security with flexible scan scheduling, scan history review, and malware scans on mounted NFS shares.
In a recent research note, Gartner asserts that “Kubernetes’ inherent complexity often leads to outdated versions and misconfiguration by organizations, making clusters susceptible to compromise. Though some security mechanisms are included by design, K8s by itself is not a security offering, and security settings aren’t always enabled by default. Protecting a K8s cluster is a significant undertaking, requiring both substantial understanding of the underlying technology and engineering expertise to configure it all.” (source: Gartner, Guide to Application Security Concepts, Michael Isbitski and Frank Catucci, 29 July 2020).