Sign up for our newsletter!
Stay informed on the latest DevOps news

DevOps.com

KSPM and Compliance simplified with Runecast

By: on Leave a Comment

London, UK, MAY 16, 2022 – Runecast Solutions Ltd., a Gartner Cool Vendor and leading provider of simplified security and operational transparency for Kubernetes workloads, is pleased to announce that its patented enterprise platform Runecast (formerly Runecast Analyzer) will expand its current Kubernetes Security Posture Management (KSPM) capabilities with advanced image scanning and CI/CD integration. This will enable Runecast customers to jump-start Q3 2022 with proactive Kubernetes vulnerability management, from code to deployment.

Runecast is an IT Security and Operations platform designed to enable CISOs, CIOs, and their Security and Operations teams with proactive Kubernetes Security Posture Management (KSPM) and show them the most vulnerable areas to focus on first. 

“Kubernetes is no longer the new kid on the block, it’s a well  established container orchestration platform, running mission critical workloads and needs to be treated seriously when it comes to security and compliance,” said Runecast Head of Product Markus Strauss. “Runecast is here to simplify K8s security and speed up operations.”

According to the “State of Kubernetes 2022” report by VMware, 97% of organizations have concerns about K8s security.

Runecast a ‘High Performer’ (via G2 reviews)

In April 2022, Runecast announced its rank as a ‘High Performer’ in the Spring 2022 G2 Grid® Reports for the categories Security Risk Analysis, Cloud Workload Protection Platforms (CWPP), Vulnerability Scanner, Cloud Compliance and Cloud Security.

Running securely on-premises, Runecast automates security compliance checks for Kubernetes with insights into what is happening both on-premises and in the cloud. No sensitive company, employee, or customer data needs to leave the organization. Runecast aims to make vulnerability management easy with CVEs listed in the dashboard alongside vulnerabilities which are known to have been exploited, according to CISA’s KEV catalog.

Expanded Runecast Kubernetes coverage a ‘shift left’

Upon deploying Runecast (in a matter of minutes), IT teams see a list of critical issues and steps to remediate according to Kubernetes Best Practices. Hybrid environments can also see issues for AWS, Azure, VMware, Windows and Linux – all from the same dashboard.

New Kubernetes intelligence and capabilities coming to Runecast at the end of Q2 include:

Image Scanning

Our Kubernetes vulnerability management will extend from the cluster down to the nodes by providing vulnerability scanning for deployed Kubernetes container images. This will provide customers the ability to automate vulnerability management for Kubernetes, ensuring that Kubernetes deployments meet best practices, security and compliance requirements.

CI/CD Integration

The new version of Runecast will bring container-scanning capabilities for Dev and DevOps teams by integrating directly with their CI/CD pipeline, to ensure that ‘rapid develop and deploy’ approaches will be secure. CI/CD integration will allow customers to have limiting criteria at which point a pull request etc. will be automatically rejected. Runecast CI/CD integration will on-demand scan the Template or Manifest for the container to be deployed as part of the pull request and if a predetermined amount of Vulnerabilities are present on that requested container image, it will automatically deny the pull request and prevent this container from being deployed.

Extended (Agent-Based) Collection

The Runecast platform will allow teams much greater insight into the actual nodes running on the Kubernetes cluster and will greatly increase the amount of vulnerabilities that Runecast is able to proactively discover.

How Runecast works for K8s clusters

Runecast offers configuration drift management, security compliance auditing and proactive issues management for your Kubernetes deployments. It automates Kubernetes configuration analysis by auditing common cluster operational and security best practices for KSPM, including the CIS Benchmark (1.6.0) for Kubernetes security. IT teams can deploy Runecast directly to Kubernetes (using a Helm chart) and immediately get automated Kubernetes configuration analysis at the node-level, cluster-level, and workload level.

“By its very nature, Kubernetes is a highly flexible container orchestration system and is deployed across hybrid, multi-cloud, private cloud or on-prem environments. Runecast helps customers where their K8s workloads run, irrespective of their underlying infrastructure,” said Mr. Strauss “Using Runecast, our customers have the ability to scan their infrastructure against 10+ security standards straight out of the box.”

To achieve an optimized level of compliance maturity, the unified visibility and reporting in Runecast brings security and stability to your IT environment, increases the uptime of your infrastructure and reduces overall costs.

About Runecast

Runecast Solutions Ltd. is a leading global provider of a patented solution for IT Security and Operations teams. Forward-focused enterprises like Avast, DocuSign, and the German Aerospace Center (DLR) rely on Runecast for proactive risk mitigation, security compliance, operational efficiency and mission-critical stability. Headquartered in London, U.K., Runecast is a Gartner Cool Vendor and has won Computing awards for Cloud Security Product of the Year and Best Place to Work in Digital. To add proactive to your IT strategy, visit www.runecast.com.

Contact Information

Runecast Solutions Ltd.
2164 R – Kemp House, 152 City Road
London EC1V 2NX, UK
Contact us here

Zuzana Belehradova
Community & Campaign Manager
team@runecast.com