Reali, a US-based full-service real estate brokerage, is a company that relies heavily on its dedicated DevOps team to protect its workloads running on AWS. ‘Black Box Kubernetes’ was a big task on the agenda for Reali. It soon became critical for the company to use a security tool that can connect the different teams in the company that were developing code, shipping it, and in charge of securing it. Consequently, Reali was looking for a security solution that can deal with the complex nature of their multiple deployments. One that could help it understand the cloud inventory they have in place, their potential Kubernetes security drifts, and provides a remediation plan, all done automatically.
The world is going to Kubernetes and we needed to keep up with this motion by integrating a security tool that talks and understands Kubernetes deployments right NOW. Alcide Kubernetes Advisor easily enabled us to scan for known vulnerabilities across our EKS Kubernetes clusters and quickly remediate any risk before it exposes our production environment.”Einav Friedman, Head of DevOps, Reali
Challenges
Kubernetes deployment snapshot for an immediate understanding of their cluster’s inventory
Making sure security is maintained while migrating deployments from staging to production
Supporting policy customization by the security team that are monitored by DevOps
Generating a baseline security model from a master cluster and monitoring replicated clusters using the same baseline.
Monitoring administrative actions in real-time to make sure it doesn't violate security policies and introduce vulnerabilities.
Solution
Alcide Kubernetes Discovery for an immediate snapshot of the multiple clusters they run
Enforcing Kubernetes runtime policies on EKS with Alcide Advisor
Bridging the K8s security knowledge gap by providing developers team an easy way to play with and evaluate for example RBAC configurations and other security handlers.
Applying multiple policies managed by different teams, so that any violation can be routed to Slack or Splunk
Results
Ensuring a healthy K8s motion with ongoing cluster hygiene checks that are integrated to Reali’s CI/CD pipeline
Identifying critical issues regarding old AMI (Amazon Machine Images) that Reali was using, with a recommendation and suggestions about how to use it
Maintaining a smooth and effective security automation process among the developers and the DevOps