Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

NeuVector First to Bring “Security Policy as Code” to Kubernetes Workloads

DevOps and DevSecOps Teams Can Now More Quickly Deliver Secure Cloud-Native Apps by Using Kubernetes Custom Resource Definitions to Define, Manage, and Automate Application Security Policies Throughout the CI/CD Pipeline

NeuVector, the leader in Full Lifecycle Container Security, announced the immediate availability of the industry’s first “Security Policy as Code” capability for Kubernetes services. The release – built into the NeuVector platform enables DevOps teams to automate container security by using Kubernetes Custom Resource Definitions (CRDs) to define and manage application security policies throughout application development and production. Now, DevOps teams can more quickly deliver secure cloud-native apps because security policies can be defined, managed, and automated during the DevOps process. Security Policy as Code adds to recently-released enhancements to the NeuVector platform, including data loss prevention (DLP) and multi-cluster/multi-cloud management capabilities.

NeuVector is launching Security Policy as Code at KubeCon + CloudNativeCon North America 2019, where attendees can learn how customers use NeuVector – and get 1:1 demos of the platform’s newest container security features at booth SE40.

Read More: Top 5 Best Digital Marketing Agencies in Dubai

With Security Policy as Code, DevOps teams can now easily implement robust security policies using CRDs to deploy customized resource configurations via developer-friendly YAML files. NeuVector also enables developers to create CRDs that capture the full profile of application behavior – and do so in a Kubernetes-native way. The result is simple-to-deploy, powerful security policy enforcement that:

  • Captures the entire application behavior, including network rules, protocols, processes, and file activities that are allowed – or ‘whitelisted’ – for the application.
  • Only permits allowed network connections between services – enforced by application protocol (layer 7) inspection.
  • Allows or prevents external or ingress connections as warranted.
  • Sets the “protection mode” of the application to either Monitor mode (alerting only) or Protect mode (blocking all suspicious activity).
  • Supports integration with Open Policy Agent (OPA) and other security policy management tools.
  • Allows DevOps and security teams to define application policies at different hierarchies such as per-service rules defined by DevOps and global rules defined by centralized security teams.
  • Is RBAC-enabled, enforcing the creation and updates of security policy as allowed natively by Kubernetes service accounts and roles.
  • Is extensible, to support future expansion of security policy as code to admission control rules, DLP rules, response rules, and other NeuVector enforcement policies.
Related Posts
1 of 40,727

“By introducing our industry-first Security Policy as Code for Kubernetes workloads, we’re excited to provide DevOps and DevSecOps teams with even more control to automate safe behaviors and ensure their applications remain secure from ever-increasing threat vectors,” said Gary Duan, CTO, NeuVector. “We continue to build out new capabilities sought by customers – such as DLP, multi-cluster management, and, with today’s release, CRD support. Our mission is acutely focused on raising the bar for container security by offering a complete cloud-native solution for the entire application lifecycle.”

Read More: The Future of Work’s Most Crucial Component: Artificial Intelligence

Using Security Policy as Code and CRDs, developers and DevOps teams can define and allow the run-time application behavior they expect by implementing specific security rules for network connections, process activity, file access patterns, and other run-time policies. Importantly, because these security policies are defined as code, they are version-tracked and built for easy automation. This makes it simple to migrate security policies across Kubernetes clusters (or from staging to production environments), and to manage versions of security policies tied to specific application versions. Developers can also easily enforce global security policies this way, and further specify policies for each Kubernetes workload as needed.

NeuVector’s behavioral learning technology delivers the ability to learn and define appropriate application behavior in testing or staging environments, and to export that security policy as a CRD YAML file that developers and DevOps teams can review and edit before deploying in production. Combined with NeuVector’s full lifecycle vulnerability scanning and ConfigMap-based deployment capabilities, CRD support from NeuVector further enhances security automation during the entire CI/CD pipeline and into production environments.

“Security continues to shift left, and our Platform teams are eager to manage security policy as code,” said Sean McCormick, VP of Engineering at Element. “Doing so enables us to automate security further upstream – simplifying and hardening policy enforcement. With its Security Policy as Code support, NeuVector gives us a more granular capacity to centrally manage our security policies without needing to configure them through a UI. This is a significant improvement for Element, allowing us to maintain policy consistency across all customer and development environments.”

Read More: AiThority Interview with Sumant Kawale, VP Customer Success at Cerebri AI

7 Comments
  1. totowho77 says

    I’ve read so many articles, but I’m very grateful that I read such a good article today 토토사이트 and I hope this good article will spread far away

  2. 토토사이트2 says

    Good post. I was constantly checking this blog and I got good information. I was impressed! 😉 먹튀검증

  3. 플레이포커머니상 says

    I’ve been reading all the articles related to 플레이포커머니상 for the past hour, but I don’t know why I saw this post now. It seems like very useful information.

  4. 플레이포커머니상 says

    I love seeing more and more people visiting your blog. I, who have been together for a long time, created a forum with the same topic as yours this time. The subject is going to be captured by 플레이포커머니상.

  5. 플레이포커머니상 says

    I thought I did a good job reading your article. I’ve been inspired by countless articles, and yours is one of the most impressive! I hope you will read my article and feel the same way I do. Please visit my site 플레이포커머니상 and read my articles too!

  6. Copper scrap melting says

    Scrap Copper value Copper scrap material handling Scrap metal reclamation and repurposing
    Copper cable scrap properties, Metal waste dismantling, Copper scrap commerce

  7. Copper alloy melting says

    Scrap copper extraction Local copper scrap buyers Scrap metal recycling economics
    Copper cable recycling export, Scrap metal sales, Copper scrap waste reduction

Leave A Reply

Your email address will not be published.