The Company’s Kubernetes Security Platform Enables Users to Meet Recently Released NSA and CISA Hardening Guidelines
KSOC, an event-driven security platform designed to automatically remediate Kubernetes security risks and enforce least-privilege access control across distributed customer infrastructures, today announced that its platform meets Kubernetes hardening guidelines issued by the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA). Recently released guidelines recommend the following mitigations: scan environments for vulnerabilities and misconfigurations; monitor privileged access control, use network separation; limit network connectivity; deploy strong authorization and authentication; capture and monitor audit logs; and periodically review Kubernetes settings.
Although millions of developers are harnessing the power of Kubernetes, many struggle to properly secure containerized infrastructure. The guidance published by the NSA and CISA will help organizations better navigate the complexity of securing the Kubernetes architecture, avoid misconfigurations, and strengthen overall container security strategies. KSOC supports organizations by providing a solution focused on event-based decision making, distributed policies, and least-privileged identity rights. These product features allow users to operate Kubernetes with confidence and peace of mind.
“I am very pleased that the federal government has stepped up to provide individuals and industry with important recommendations to encourage data protection and security risk mitigation,” said Ron Gula, President of Gula Tech Adventures. and co-founder of Tenable Network Security. “As Kubernetes is increasingly adopted by organizations of all sizes, it is essential that individuals and businesses apply these federal recommendations to their systems. One of the key ways to do this is through the use of products such as KSOC, which are securely designed to simplify the process of securing clusters for developers and help protect all of our systems from malware and hacking.”
The KSOC platform includes Kubernetes Detection and Response (KDR) and Kubernetes Infrastructure Entitlements Management (KIEM) products including the following features deemed essential for securing Kubernetes clusters:
KSOC seamlessly connects to Kubernetes and public cloud APIs as a data source, continuously monitors misconfigurations and vulnerabilities within a cluster, and analyzes Kubernetes audit logs.
KSOC frequently checks privileged containers running inside a cluster, alerting users to changes in administrator privileges and automatically remediating over-privileged access.
KSOC provides functionality to audit Kubernetes role-based access control activities and provides suggestions over time to adapt access.
KSOC is an event-driven platform that monitors running clusters in real time for security issues, including known vulnerabilities and other security events. The platform can quickly identify and fix common misconfigurations and vulnerabilities, as well as less common ones.
“KSOC was founded to address the market need for better Kubernetes security, and the NSA and CISA guidelines highlight the importance of ensuring clusters are properly secured to thwart today’s security threats,” says Jimmy Mesta, co-founder and technical director of KSOC. “We have deep Kubernetes expertise and have built a comprehensive platform that addresses all critical security components. We are confident that these new guidelines will propel organizations in the right direction and we are excited to serve as a Kubernetes security partner. of confidence.”
KSOC will be hosting a webinar on April 21 at 1:00 p.m. CT to dive deeper into the guidance provided by the NSA, as well as demonstrate what the KSOC platform can do and provide insight into some roadmap topics. Register today.
To learn more about KSOC, please visit: https://www.ksoc.com/
KSOC (Kubernetes Security Operations Center) reduces an organization’s attack surface with Kubernetes Detection and Response (KDR) as well as Kubernetes Infrastructure Entitlements Management (KIEM). KSOC is the security partner of choice for companies looking to adopt and scale Kubernetes in their enterprise without impacting the speed of development. The event-driven SaaS platform offers rapid remediation of misconfigurations and vulnerabilities, enabling developers and security teams to secure their workloads at the code level. For more information: https://www.ksoc.com/.