Uptycs, provider of the first unified CNAPP and XDR solution, announced enhanced Kubernetes and container security capabilities. These new features provide threat detection for container runtime correlated with the Kubernetes control plane attacks alongside scanning of container images in registries for vulnerabilities, malware, credentials, secret keys, and other sensitive information.
According to the latest Cloud Native Computing Foundation survey, 96% of organizations are either using or evaluating Kubernetes—the highest percentage since the surveys began in 2016.1 Yet many organizations are not prepared to detect threats against these new deployments. “Kubernetes-orchestrated clusters are essentially ‘clouds within clouds.’ The monitoring and visibility of the Kubernetes logs, network flows and application behaviors within the cluster should be baselined and analyzed for indications of compromise,” recommends Gartner.2
Organizations can detect attacks against their Kubernetes deployments by adopting a shift up approach to cybersecurity, in which telemetry emanating from Kubernetes clusters and containers, laptops, and cloud services is normalized at the point of collection, but processed, correlated, and analyzed in a data lake.
Unlike siloed endpoint and cloud security solutions, Uptycs protects the entire arc of cloud-native application development, from the developer’s laptop to container runtime. “Threat actors know a developer’s laptop is often just one hop away from cloud infrastructure,” said Ganesh Pai, co-founder and CEO of Uptycs. “Uptycs correlates risk signals from the modern attack surface for lightning-fast, contextualized detection and response. We do this with our unique, telemetry-powered approach and Detection Cloud. It’s a shift up approach to cybersecurity that brings together multiple teams and types of IT infrastructure into a unified data model and UI.”
“Our security team is organized around six domains including threat detection and response, risk and compliance, application security, data security, infrastructure security, and enterprise security,” said Anwar Reddick, Director of Information Security at Greenlight Financial. “Having a single solution like Uptycs that traverses these domains, and contextualizes threat activity across multiple asset types like Kubernetes, cloud services, and laptops improves cross-domain collaboration and insights. As a result, we’ve dramatically shortened our threat investigation time.”