This year KubeCon finally got back to its pre-pandemic strength all the way in Europe. The Spain edition of the conference was an absolute sellout and definitely put security back in the spotlight. Even before the pandemic, a lot of focus was shifting towards security as things were maturing and Kubernetes was being used in production extensively by an exponentially growing set of enterprises. Multi-tenancy has also definitely been a driving force in the Kubernetes ecosystem that touches the security space. To add to this, the number of cybersecurity threats seen throughout the pandemic only made the need for security greater. The Valencia conference served as the perfect space for organizations to address this issue. Plus, security is now big business in the cloud-native space.
Let’s cover all of the major security-related news from KubeCon Europe.
1. New Relic new security vulnerability monitoring service
New Relic, the popular observability platform, entered the security market at KubeCon 2022 as it rolled out New Relic Vulnerability Management, its new vulnerability management service. The solution provides security, SRE, and DevSecOps teams a unified platform for monitoring software stacks for dependencies by combining data from its native vulnerability detection system as well as third-party tools. This new tool almost seems like security 2.0 since it has the ability to integrate with third-party security tools and slash security risk across the SDLC without compromising on the pace of innovation. However, the primary focus is to send security signals to developers in their pre-production ecosystems. New Relic Vulnerability Management aims to simplify the process of figuring out which security risks require immediate attention and what kind of attention.
2. Oxeye’s CNAST tool for microservice security
Israel-based Oxeye announced the general availability of its Cloud Native Application Security Testing platform at KubeCon Valencia. The tool helps combat the fragmented security testing landscape by focussing on the cloud-native segment of the AST market. It pinpoints vulnerabilities and identifies software secrets that help reveal crucial security pain points as a fundamental part of the SDLC. Oxeye helps identify code vulnerabilities and explains ways to avoid reencountering similar issues. It detects potential security issues in a custom code and provides flow tracing to understand the way microservices communicate with each other. Oxeye provides a dynamic Software Bill of Materials – a complete dependency tree of which services are running, under what licenses were they deployed, and when and by whom were they deployed. It allows developers to embed context-aware application security testing at the most crucial point of a development cycle.
3. Kasten’s ransomware detection
Kasten by Veeam – the acquisition kicking off KubeCon Valencia – announced the launch of its new Kubernetes data management platform, Kasten by Veeam K10 V5.0. This latest release is aimed at delivering detailed risk management strategies and streamlined CI/CD pipelines to help organizations minimize the financial impact of cybercrime as well as de-risk Kubernetes investments. The platform aims to continuously protect data and detect, identify risk and deliver disaster recovery for applications. With the latest version, the team has worked on ransomware attack detection with AWS S3, including KMS integration with HashiCorp Vault and AWS KMS platform hardening, data protection policy guardrails, ecosystem enhancements, etc,. Additionally, the V5.0 update also focuses on ensuring backup and recovery solutions are not just afterthoughts; instead, they integrate with the CI/CD tools and make way for automation to protect applications as they get deployed.
4. Lacework’s new features for Kubernetes security
Lacework announced the launch of new features, aimed at providing enhanced visibility into the Kubernetes environment, for its Polygraph Data Platform at the KubeCon conference in Valencia. With the latest version, the team has focussed on minimizing risks in build time and automating the discovery of suspicious behavior that could mark a potential breach. Lacework is gunning to be a security platform that uses machine learning algorithms to gain insight into complex modern applications and then apply security strategies to the runtimes these applications depend on. It is a tool for developers that can be implemented to safeguard security without having to be a security expert. Lacework rolled out new features such as Infrastructure as Code (IaC) security, Kubernetes audit log monitoring, and integration with the Kubernetes admission controller. It merges varying tools into a unified platform to provide a highly automated solution that makes integrating security into deeper workflows nearly seamless.
5. Deepfence cloud’s security offering
Deepfence announced the launch of Deepfence Cloud, a completely managed security observability solution. The tool will help organizations gain visibility across their complete cloud-native architecture at a great speed. Deepfence Cloud provides an opportunity for customers to use its benefits quickly and smoothly without any administrative burden, identify anomalies in application behavior, map the presence of threats and remediate them with precision. It detects runtime indicators of compromise (IoC) and indicators of attack (IoA) in order to correlate events and tell the story of each attack as it develops. Deepfence Cloud can be easily and smoothly integrated across multiple cloud platforms and it takes care of deployment, management, and maintenance so you can focus on other priorities.
Conclusion
KubeCon Valencia was more vendor dominated than the previous events. This was incredible to witness as ultimately we are building to solve problems for these enterprises and the cloud-native community is very enterprise-focused at this point. Modern applications are complex, highly distributed, and constantly changing. This makes smart and prompt security observability critical for enterprises to protect their customers and themselves.
If you have questions related to this topic, feel free to book a meeting with one of our solutions experts, mail to sales@amazic.com.