DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • DevOps Chats
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Communities
    • AWS Community Hub
    • CloudBees
    • IT as Code
    • Rocket on DevOps.com
    • Traceable on DevOps.com
    • Quali on DevOps.com
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DevSecOps
  • Leadership Suite
  • Practices
  • ROELBOB
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps

Home » KubeCon + CNC EU 2022 » KSPM and Compliance simplified with Runecast

KSPM and Compliance simplified with Runecast

By: Veronica Haggar on May 16, 2022 Leave a Comment

London, UK, MAY 16, 2022 – Runecast Solutions Ltd., a Gartner Cool Vendor and leading provider of simplified security and operational transparency for Kubernetes workloads, is pleased to announce that its patented enterprise platform Runecast (formerly Runecast Analyzer) will expand its current Kubernetes Security Posture Management (KSPM) capabilities with advanced image scanning and CI/CD integration. This will enable Runecast customers to jump-start Q3 2022 with proactive Kubernetes vulnerability management, from code to deployment.

Recent Posts By Veronica Haggar
  • TechStrong Con 2022: Exploring What’s Next in Tech
  • Armory Launches Continuous Deployment-as-a-Service Product
  • ShiftLeft Announces Strategic Investment from and Go-to-Market Partnership with Wipro
More from Veronica Haggar
Related Posts
  • KSPM and Compliance simplified with Runecast
  • KubeCon: SysEleven Unveils MetaKube Operator
  • Trilio Announces Technical Preview of ‘Continuous Restore’, Delivering Cloud-Native Application Portability and Recoverability in Seconds Across Disparate Infrastructure
    Related Categories
  • KubeCon + CNC EU 2022
  • Latest News Releases
    Related Topics
  • KubeCon + CloudNativeCon EU 2022
  • Runecast
Show more
Show less

Runecast is an IT Security and Operations platform designed to enable CISOs, CIOs, and their Security and Operations teams with proactive Kubernetes Security Posture Management (KSPM) and show them the most vulnerable areas to focus on first. 

DevOps Connect:DevSecOps @ RSAC 2022

“Kubernetes is no longer the new kid on the block, it’s a well  established container orchestration platform, running mission critical workloads and needs to be treated seriously when it comes to security and compliance,” said Runecast Head of Product Markus Strauss. “Runecast is here to simplify K8s security and speed up operations.”

According to the “State of Kubernetes 2022” report by VMware, 97% of organizations have concerns about K8s security.

Runecast a ‘High Performer’ (via G2 reviews)

In April 2022, Runecast announced its rank as a ‘High Performer’ in the Spring 2022 G2 Grid® Reports for the categories Security Risk Analysis, Cloud Workload Protection Platforms (CWPP), Vulnerability Scanner, Cloud Compliance and Cloud Security.

Running securely on-premises, Runecast automates security compliance checks for Kubernetes with insights into what is happening both on-premises and in the cloud. No sensitive company, employee, or customer data needs to leave the organization. Runecast aims to make vulnerability management easy with CVEs listed in the dashboard alongside vulnerabilities which are known to have been exploited, according to CISA’s KEV catalog.

Expanded Runecast Kubernetes coverage a ‘shift left’

Upon deploying Runecast (in a matter of minutes), IT teams see a list of critical issues and steps to remediate according to Kubernetes Best Practices. Hybrid environments can also see issues for AWS, Azure, VMware, Windows and Linux – all from the same dashboard.

New Kubernetes intelligence and capabilities coming to Runecast at the end of Q2 include:

Image Scanning

Our Kubernetes vulnerability management will extend from the cluster down to the nodes by providing vulnerability scanning for deployed Kubernetes container images. This will provide customers the ability to automate vulnerability management for Kubernetes, ensuring that Kubernetes deployments meet best practices, security and compliance requirements.

CI/CD Integration

The new version of Runecast will bring container-scanning capabilities for Dev and DevOps teams by integrating directly with their CI/CD pipeline, to ensure that ‘rapid develop and deploy’ approaches will be secure. CI/CD integration will allow customers to have limiting criteria at which point a pull request etc. will be automatically rejected. Runecast CI/CD integration will on-demand scan the Template or Manifest for the container to be deployed as part of the pull request and if a predetermined amount of Vulnerabilities are present on that requested container image, it will automatically deny the pull request and prevent this container from being deployed.

Extended (Agent-Based) Collection

The Runecast platform will allow teams much greater insight into the actual nodes running on the Kubernetes cluster and will greatly increase the amount of vulnerabilities that Runecast is able to proactively discover.

How Runecast works for K8s clusters

Runecast offers configuration drift management, security compliance auditing and proactive issues management for your Kubernetes deployments. It automates Kubernetes configuration analysis by auditing common cluster operational and security best practices for KSPM, including the CIS Benchmark (1.6.0) for Kubernetes security. IT teams can deploy Runecast directly to Kubernetes (using a Helm chart) and immediately get automated Kubernetes configuration analysis at the node-level, cluster-level, and workload level.

“By its very nature, Kubernetes is a highly flexible container orchestration system and is deployed across hybrid, multi-cloud, private cloud or on-prem environments. Runecast helps customers where their K8s workloads run, irrespective of their underlying infrastructure,” said Mr. Strauss “Using Runecast, our customers have the ability to scan their infrastructure against 10+ security standards straight out of the box.”

To achieve an optimized level of compliance maturity, the unified visibility and reporting in Runecast brings security and stability to your IT environment, increases the uptime of your infrastructure and reduces overall costs.

About Runecast

Runecast Solutions Ltd. is a leading global provider of a patented solution for IT Security and Operations teams. Forward-focused enterprises like Avast, DocuSign, and the German Aerospace Center (DLR) rely on Runecast for proactive risk mitigation, security compliance, operational efficiency and mission-critical stability. Headquartered in London, U.K., Runecast is a Gartner Cool Vendor and has won Computing awards for Cloud Security Product of the Year and Best Place to Work in Digital. To add proactive to your IT strategy, visit www.runecast.com.

Contact Information

Runecast Solutions Ltd.
2164 R – Kemp House, 152 City Road
London EC1V 2NX, UK
Contact us here

Zuzana Belehradova
Community & Campaign Manager
[email protected]

Filed Under: KubeCon + CNC EU 2022, Latest News Releases Tagged With: KubeCon + CloudNativeCon EU 2022, Runecast

Sponsored Content
Featured eBook
Hybrid Cloud Security 101

Hybrid Cloud Security 101

No matter where you are in your hybrid cloud journey, security is a big concern. Hybrid cloud security vulnerabilities typically take the form of loss of resource oversight and control, including unsanctioned public cloud use, lack of visibility into resources, inadequate change control, poor configuration management, and ineffective access controls ... Read More
« Sosivio’s Predictive Troubleshooting for Kubernetes Gives Answers, Not Data
Why Over-Permissive CI/CD Pipelines are an Unnecessary Evil »

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Deploying Microservices With Pulumi & AWS Lambda
Tuesday, June 28, 2022 - 3:00 pm EDT
Boost Your Java/JavaScript Skills With a Multi-Experience Platform
Wednesday, June 29, 2022 - 3:30 pm EDT
Closing the Gap: Reducing Enterprise AppSec Risks Without Disrupting Deadlines
Thursday, June 30, 2022 - 11:00 am EDT

Latest from DevOps.com

Developer’s Guide to Web Application Security
June 24, 2022 | Anas Baig
Cloudflare Outage Outrage | Yet More FAA 5G Stupidity
June 23, 2022 | Richi Jennings
The Age of Software Supply Chain Disruption
June 23, 2022 | Bill Doerrfeld
Four Steps to Avoiding a Cloud Cost Incident
June 22, 2022 | Asim Razzaq
At Some Point, We’ve Shifted Too Far Left
June 22, 2022 | Don Macvittie

Get The Top Stories of the Week

  • View DevOps.com Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Download Free eBook

DevOps: Mastering the Human Element
DevOps: Mastering the Human Element

Most Read on DevOps.com

Survey Uncovers Depth of Open Source Software Insecurity
June 21, 2022 | Mike Vizard
One Year Out: What Biden’s EO Means for Software Devs
June 20, 2022 | Tim Mackey
At Some Point, We’ve Shifted Too Far Left
June 22, 2022 | Don Macvittie
Open Source Coder Tool Helps Devs Build Cloud Spaces
June 20, 2022 | Mike Vizard
Cloudflare Outage Outrage | Yet More FAA 5G Stupidity
June 23, 2022 | Richi Jennings

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2022 ·Techstrong Group, Inc.All rights reserved.