Extending GKE Policies

With Application-Aware Workload Policy

Alcide for Google Cloud Platform (GCP) provides a native security solution integrated across all Google accounts and services such as Virtual machines, Google Kubernetes Engine (GKE), and Cloud Functions.
Our platform provides deep visibility into the entire cloud topology and application data flows, together with a behavioral anomaly threat engine that detects anomalous and malicious network activity. Leveraging Google Groups, Alcide Policies allow developers to configure build-time security rules for Google services and external DNS names:

  • Extending GKE policies with application-aware workload Policy
    • Workload-level policies enforced at the Pod level
    • Policy engine implemented using eBPF, including the ability to define FQDN whitelists
    • Workload-level policy extends GKE policies through deployment/pod annotations
  • Threat Intelligence – detecting Pod-level network activity with crypto-mining, command & control drop location, etc.
  • Threat detection & prevention – machine-learning-based microservice anomaly engine to detect advanced network attacks, for example DNS tunneling and low-and-slow evolving attacks.

Learn how Alcide created its cloud-native security solution with GKE.