Portshift Announces Extended Kubernetes Cluster Protection – Adding Powerful Security to the Kubernetes API

Extended Kubernetes Cluster Protection Analyzes All Cluster Events, Mitigating Potential Risks in Cluster Resources and Worker Nodes

Portshift, a leader in Kubernetes-native solutions, today announced Extended Kubernetes Cluster Protection. The new capability protects Kubernetes API calls and the API server by detecting and mitigating runtime risks and malicious activities on worker nodes and all cluster resources. The extended protection oversees all RBAC permissions in a Kubernetes cluster, categorizes them according to risk level, and provides runtime visibility and enforcement of APIs toward the API server.

Portshift's Extended Kubernetes Cluster Protection provides runtime visibility of all APIs invoked toward the API server and offers advanced filtering ability. Any change to a Kubernetes cluster is made through an API call to the API server, so protecting the API server defends the cluster against unauthorized changes. In addition, the administrator creates policy rules, either by using the intelligent policy advisor or by instituting policies manually, to prevent unwanted API actions and high-risk configurations. The solution then automatically reviews and monitors all granted permissions and prevents impacts that defy policy.

With Extended Kubernetes Cluster Protection, existing pod permissions are tightened and unused permissions removed. The API Audit & Policy feature allows DevSecOps professionals to achieve full visibility and control over cluster resources and prevents suspicious activity such as adding malicious executables to pods, creating crypto-mining cronjobs, remote code execution (RCE) in pods, exposing cluster secrets, elevating privileges, deleting Kubernetes log data, and more.

"Portshift's extended Kubernetes Cluster Protection offers a new approach to providing fine-grained policy control over potentially sensitive cluster resources," said Brad Geesaman, Co-founder at Darkbit.io. "It is uniquely positioned to both detect and prevent activities inside the Kubernetes cluster that an attacker might use to gain access to secrets, run malicious workloads, or even escalate their privileges."

"It's a significant challenge for administrators to review all permissions granted and to understand the extent of their impact – Portshift does this automatically," said Zohar Kaufman, VP of R&D, Portshift. "Using Extended Cluster Protection, the situation receives zero-day mitigation without waiting for Kubernetes updates."

To learn more about Portshift, please visit https://www.portshift.io/product/

Tweet this: @Portshift Launches Extended Kubernetes Cluster Protection – Adding Powerful Security to the Kubernetes API - https://www.portshift.io/company/in-the-media/

Resources
To learn more about Portshift:
● Become a Trusted Portshift Partner: https://www.portshift.io/partners/
● Visit Portshift at https://www.portshift.io
● Follow Portshift on Twitter at http://www.twitter.com/portshift
● Follow Portshift on LinkedIn at https://www.linkedin.com/company/portshift/

About Portshift
Portshift is a Kubernetes-native solution providing a single pane of glass for container and Kubernetes security. With a single Portshift pod deployment, DevOps can leverage the power of our lightweight solution to protect from vulnerabilities across images, containers, Kubernetes, and runtime deployments. Portshift ensures a continuous hardening process during the entire containerized application lifecycle, from code to runtime. Leveraging service-mesh, Portshift delivers network communication security inside and outside the mesh.
Go to portshift.io for more info.

Contact Author

Yifat Mor
Portshift.io
+972 546722465