Ensuring a Secured
GKE Experience

Kubernetes Advisor on GKE

Securing your dev to production AKS pipeline with on-going hygiene checks

Extending GKE Policies

With application-aware
workload policy

Alcide Embedded Policies

Allow DevOps to define network policies
during build time

Alcide for Google Cloud Platform (GCP) provides a native security solution integrated with Google Kubernetes Engine (GKE).
Our platform provides cloud discovery into the entire cloud topology and applications data flow, a Kubernetes Advisor agentless scanner that provides on-going security hygiene checks, and a
behavioral anomaly threat detection engine that detects anomalous and malicious network activity. 

  • Alcide Kubrnetes Advisor running on GKE workloads providing security hygiene checks designed to ensure a secured development process before moving to production. The Alcide cluster hygiene Kubernetes Advisor scans the GKE target environment and detects the drifts in the cluster hygiene level and specifics in the software supply chain hygiene, resulting in a failed pipeline, so no exploits are found in Production stage.
  • Extending GKE policies with application-aware workload Policy
    • Workload level policies enforced at the Pod level
    • Policy engine implemented using eBPF and include the ability to define FQDN white lists, and
    • Workload level policy extends GKE policies is done through deployment/pod annotations
  • Alcide Policies allow developers to configure build-time security rules for Google services and external DNS names
  • Threat Intelligence – detecting Pod level network activity with crypto-mining, command & control drop location, etc.
  • Threat detection & prevention -Machine-learning based microservice anomaly engine, to detect advanced network attacks – for example, DNS tunneling, and low and slow evolving attacks.

Learn how Alcide created its cloud-native security solution with GKE

 

cloud build

Alcide is also fully integrated with Google Cloud Build. By integrating, you will get a free evaluation of Alcide Kubernetes Advisor integrated into your pipeline. The free version includes: 

  •  Cluster inventory snapshot
  • Cluster hygiene security checks
  • Drifts’ prevention

In order to customize the Alcide Advisor test policies and get updates and new tests on the fly, you need to register for the Alcide Advisor service or sign up for the free trial.

 

Video: Alcide Advisor Google Cloud Build pipeline integration