Red Hat Advanced Cluster Security Cloud Service

For the EMEA region, Red Hat® Advanced Cluster Security for Kubernetes is the pioneering Kubernetes-native security platform, equipping organizations to more securely build, deploy, and run cloud-native applications anywhere. The solution helps improve the security of the application build process, protect the application platform and configurations, and detect and respond to runtime issues.

Red Hat Advanced Cluster Security for Kubernetes lowers operational costs by reducing the learning curve for implementing Kubernetes security, provides built-in controls for enforcement to reduce operational risk, and uses a Kubernetes-native approach that supports built-in security across the entire software development life cycle, facilitating greater developer productivity.

To request a demo: https://www.redhat.com/en/engage/security-managed-service-20221011

Key Features Visibility

• * Delivers a comprehensive view of your Kubernetes environment, including all images, pods, deployments, namespaces, and configurations.
• * Discovers and displays network traffic in all clusters spanning namespaces, deployments, and pods.

Vulnerability Management

• * Scans images for known vulnerabilities based on specific languages, packages, and image layers. Provides a dashboard highlighting the riskiest image vulnerabilities and deployments
• * Verifies image signatures against preconfigured keys for image attestation and integrity. Correlates vulnerabilities to running deployments, not just images Enforces policies based on vulnerability details at build time using continuous integration/continuous delivery (CI/CD) integrations.

Compliance

• * Assesses compliance across hundreds of controls for CIS Benchmarks, payment card industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), NERC-CIP, and NIST SP 800-190 and 800-53 Delivers at-a-glance dashboards of overall compliance across the controls of each standard with evidence exported to meet auditor needs.
• * Provides a detailed view of compliance details to pinpoint clusters, namespaces, nodes, or deployments namespaces that do not comply with specific standards and controls.

Network Segmentation

• * Visualizes allowed vs. active traffic between namespaces, deployments, and pods, including external exposures.
• * Simulates network policy changes before they are implemented to minimize operational risk to the environment.

Risk Profiling

• * Heuristically ranks your running deployments according to their overall security risk by combining security-relevant data such as vulnerabilities, configuration policy violations, and runtime activity.
• * Tracks improvements in the security posture of your Kubernetes deployments to validate the impact of your security team actions.

Configuration Management

• * Delivers prebuilt DevOps and security policies to identify configuration violations related to network exposures, privileged containers, processes running as root, and compliance with industry standards.
• * Analyzes Kubernetes role-based access control (RBAC) settings to determine user or service account privileges and misconfigurations Tracks secrets and detects which deployments use the secrets to limit access.

Runtime Detection and Response

• * Monitors system-level events within containers to detect anomalous activity indicative of a threat with the automated response using Kubernetes-native controls.
• Baselines process activity in containers to automatically whitelist processes, eliminating the need to manually whitelist Uses prebuilt policies to detect crypto mining, privilege escalation, and various exploits.

A 60-day cloud service trial for Red Hat® Advanced Cluster Security cloud service is available. Please click on the link below for the Free Trial: https://www.redhat.com/en/technologies/cloud-computing/openshift/advanced-cluster-security-kubernetes/trial

It may take time until this offer will be available to provision in console.redhat.com