Category: Amazon Elastic Kubernetes Service

Cisco Security Cloud uses Anchore to achieve FedRAMP compliance for its cloud solutions. Anchore integrates with Cisco’s AWS CodePipeline, Amazon ECR registry, and Amazon EKS to scan containers throughout the pipeline, enforcing vulnerability policies. Its integration allowed Cisco to expand Anchore to Amazon ECS and generate software bill of materials for the cybersecurity executive order. The comprehensive Anchore solution on AWS strengthened Cisco’s regulated security posture.

NextBillion.ai provides mapping solutions for enterprises, aiming to deliver precise estimated time of arrival (ETA). It developed ENZYME, a system leveraging AWS services like Amazon SageMaker to evaluate map quality and improve ETA accuracy through machine learning. By feeding industry data into custom models, ENZYME reduces the mean absolute percentage error between estimated and actual arrival times by 10-20% compared to regular maps.

nOps Compute Copilot extends the capabilities of the open-source Karpenter Kubernetes cluster autoscaler, adding awareness of your AWS compute commitments like Reserved Instances and Savings Plans. It also analyzes Amazon EC2 Spot pricing data and termination risk to intelligently select the most cost-effective and stable Spot Instances for workloads. nOps automatically manages your Karpenter configurations, updating NodePools based on its cost optimization analysis and recommendations.

Kubernetes simplifies application deployment but introduces certificate management challenges. Amazon EKS is a managed Kubernetes service that automates security patching, while AppViewX KUBE+ automates certificate lifecycle management across the Kubernetes environment. By integrating AppViewX KUBE+ with EKS, organizations gain robust automation, DevOps and security alignment, operational efficiency, and agility for secure cloud-native operations.

Containers are a leading method for packaging applications, with Kubernetes emerging as the top orchestration solution. You can enable secure and efficient self-service cluster provisioning on Amazon EKS using open-source tools like AWS Controllers for Kubernetes (ACK), Kyverno, and ArgoCD. This post demonstrates how enterprises can leverage these tools along with Nirmata’s Policy Manager to streamline EKS cluster management, apply security policies, and ensure compliance in a Kubernetes environment.

SaaS relies on the cloud for efficient delivery, but faces data challenges like tenant isolation, high storage costs, and compliance requirements. Amazon FSx for NetApp ONTAP solves these by providing multi-tenancy, storage efficiencies, persistent Kubernetes storage, and more. It enables SaaS providers to enhance agility while managing data availability, protection, security and costs. Arcesium reduced dev/test refreshes by 80% and overall costs by 46% using FSx for ONTAP.

Managing cloud costs is complex without enterprise-wide visibility, and FinOps provides financial accountability to maximize investments. Kyndryl’s approach to FinOps on AWS emphasizes transparent visibility for cultural transformation through continuous optimization, cost attribution, savings recommendations, anomaly detection, and role-based access across hybrid clouds. Customers can expect up to 30% savings through Kyndryl’s cost optimization expertise.

Social media is an integral part of everyday life as billions use it to connect, share, and find entertainment. Hootsuite provides businesses with a secure, scalable platform to manage social media across channels, analyze performance, and deliver customer care. By leveraging AWS services, Hootsuite offers robust tools to help brands economically manage their digital footprint, better understand their audience, and optimize their social media investments.

AWS customers can run Kubernetes on managed services like Amazon EKS or self-managed options. To secure these environments, Red Hat Advanced Cluster Security for Kubernetes (RHACS) detects vulnerabilities and policy violations. Its findings can be sent to AWS Security Hub which aggregates security issues across AWS services. This post walks through installing RHACS on Red Hat OpenShift Service on AWS, creating policies in RHACS, and integrating with Security Hub to view findings.

Kubernetes security is often approached in a fragmented way, separating build time, runtime, and infrastructure security. An interconnected security approach is essential, acknowledging relationships between build, runtime, and infrastructure. Cloudanix enables this through end-to-end integration, from build time image scanning to runtime threat monitoring, strengthening security posture by reducing attack surface, enhancing compliance, and empowering swift response.