Alcide has been acquired by Rapid7, a leading provider of security analytics and automation.

End-to-End Kubernetes Security Platform

Progressive security guardrails for Kubernetes deployments

From design through deployment to production

The Alcide platform addresses all Kubernetes security needs holistically, from design through deployment to production. The platform is designed from a DevOps perspective, while also ensuring robust and comprehensive Kubernetes security and compliance best practices. Alcide secures your Kubernetes infrastructure and ensures compliance starting from the CD pipeline, through deployment, and on to runtime protection.

The Alcide Kubernetes-native platform has two underlying engines. One is a design-to-production policy, monitoring and enforcement engine. The second is an artificial intelligence (AI) engine based on machine learning, which detects behavior anomalies.

The platform helps enforce security policies and prevent drift, but that is not all. Alcide also detects malicious network activity, risky configurations, misconfigurations and runtime security issues, and provides visibility across clusters and real-time monitoring.

Alcide ensures the entire dev-to-production pipeline is secured

Kubernetes multi-cluster vulnerability scanner
Kubernetes audit log analyzer
Kubernetes microservices firewall

A comprehensive Kubernetes multi-cluster vulnerability scanner for your CI/CD Pipeline

kAdvisor is an agentless, purely API-based vulnerability scanner that provides a single-pane view of all Kubernetes-related aspects and integrates seamlessly with your CI/CD pipeline.

kAdvisor simplifies the security assessment for the entire Kubernetes environment while creating baseline profiles for each cluster, highlighting and scoring security risks, misconfigurations and hygiene drifts. We support all Kubernetes flavors, from managed services like EKS, AKS and GKE, to unmanaged clusters built with Kops, Kubeadm and the like.

DevOps teams enjoy the continuous, always-on, dynamic analysis of their Kubernetes deployments

  • Snapshot of cluster risks & cluster hygiene, delivered with a detailed list of misconfigurations
  • Detection of hygiene drifts, thereby reducing noise by putting the spotlight on the delta
  • Seamlessly complying with regulations such as PCI, GDPR, and HIPAA from a Kubernetes perspective
  • Real-time prevention of misconfiguration, as well as blocking of tainted CI/CD pipelines

Covering rich Kubernetes and Service Mesh compliance checks and best practices

  • Kubernetes vulnerability scanning
  • Hunting misplaced secrets
  • Excessive secret access
  • Workload hardening from Pod Security to network policies
  • Istio security configuration and best practices
  • Ingress controllers for security best practices
  • Kubernetes API server access privileges
  • Kubernetes operators security best practices
  • RBAC misconfigurations

kAdvisor benefits

Security and Compliance from First-go

Scans the Kubernetes cluster configuration file for security drifts and misconfigurations, resulting in better understanding of and more control over distributed projects, thanks to continuous and dynamic analysis.

Security first

Covers rich Kubernetes and Istio security best practices and compliance checks such as Kubernetes vulnerability scanning, hunting misplaced secrets or excessive secret access, workload hardening from Pod Security to network policies, Ingress controllers, Kubernetes API server access privileges and Kubernetes operators.

Early detection of hygiene, risk & conformance drifts

Integrated into the deployment phase of your CI/CD pipeline, kAdvisor provides profile-driven machinery to detect “negative” drifts with respect to previous deployments, across a wide range of Kubernetes and Istio security best practices.

Kubernetes Audit Log Analysis made easy

Identify rule violations and abnormal administrative activity, leverage deep forensics, and pinpoint anomalous K8s behavior beyond configuration rules

Detect Security Policy Violations that are in conflict with Compliance Best Practices

Focus on Kubernetes breaches and incidents while reducing detection time

Intelligently leveraging Kubernetes audit logs

kAudit is a robust, machine learning (ML)-based tool, intelligently leveraging Kubernetes audit logs and summarizing detected anomalies and potential threats. kAudit highlights usage and performance trends across the Kubernetes clusters while providing user-friendly statistics for auditing and for further investigation.

Detecting policy violation use cases

On top of automated audit analytics and risk detection, kAudit helps to keep close track of your organization’s compliance policies and predefined rules. With kAudit, companies running Kubernetes-based workloads properly enforce the rules required for adhering to government and regulation standards such as PCI, GDPR and HIPAA. kAudit automatically assembles, catalogs and reports on violations of Kubernetes-related compliance best practices.

Detecting Kubernetes anomalies + use cases

kAudit fits perfectly in the complex multi-cluster Kubernetes environments that companies build today. With an AI-based detection and prevention mechanism, Alcide kAudit provides a high-resolution network detection security layer that gives instant insights and alerts on any suspicious activity. Armed with ML and artificial intelligence (AI) for monitoring audit logs, kAudit continuously scans logs and flags any unusual or suspicious network behavior.

kAudit benefits

Focus on impending threats fast

Alcide kAudit offers ongoing analyses of Kubernetes audit logs to detect illegitimate user and service account behavior in real-time. Automated insights on critical threats and security-related abuses enable teams to focus on material incidents while significantly reducing detection time.

Monitor behavior and react in real-time

With machine learning, kAudit identifies suspicious activity patterns in real time. When anomalous behavior is identified, kAudit traces back to the root causes via fully context-aware, post-mortem investigation and automated forensic analysis. IR teams can easily leverage the robust kAudit analysis and forensics capabilities.

Extending your SIEM to Kubernetes

Alcide kAudit seamlessly integrates into existing common SIEMs such as Splunk, Sumo Logic, Elastic and more, providing SOC teams visibility on their K8s security events as part of their existing traditional monitoring.

Stay compliant

Backed by patent-pending artificial intelligence, kAudit learns the patterns of your audit log over time and then enables security and compliance enforcement in response to anomalies accordingly.

Microservices Firewall at Scale

Kubernetes cloud operations consist of many workloads running different services. Alcide’s kArt network-based approach allows the seamless collection of traffic information into centrally orchestrated cloud security policies and anomaly engines. This level of granular control combined with a hierarchical approach makes it easy to structure and enforce smart, application-aware and label-based policies.

Enhanced Kubernetes and Cloud-Native Security Policies

In addition to the Kubernetes-native cloud policies, Alcide’s embedded policies are application-aware, empowering developers or DevOps to define network policies during build time. This ensures that the newly created Kubernetes workload is immediately granted the access it requires for normal operation in runtime. Alcide also offers a simplified platform from which users can gather, monitor, and manage all of their external security policies. The user can select any cloud provider policies, such as AWS Security Groups or Azure Security Groups, or cloud platform policies, such as Kubernetes security policies, to see the corresponding inbound and outbound rules as well as visualize which other workloads are associated with each policy on the map.

Image Scanning and Vulnerability Management

Alcide’s image scanning capabilities are designed specifically for complex Kubernetes deployments. Alcide’s image scanning continuously monitors and highlights potentially vulnerable components, derived from flagged security issues within the container images, while strictly focusing on the Kubernetes context.

Microservices Anomaly Detection

The kArt module provides a Machine Learning, behavioral-based anomaly detection engine, offering protection against security incidents and abnormal behaviors that are either overlooked or undetected by traditional protection layers. While security features like micro-segmentation and cloud-provider security groups limit the network connections that are allowed between potentially interacting application workloads, they cannot stop the abuse of the permitted connections by external attackers, internally deployed malware or malicious insiders. kArt generates and visualizes real-time alerts on Alcide’s Infrastructure and Applications maps, allowing Security and DevOps teams to quickly respond and mitigate potential threats such as DNS tunneling, reputation hits, permissive policy creation, permissive policy change, and east-west network.

kArt benefits

Firewall at scale

Combining all cloud providers’ security groups (AWS, GCP, Azure), Kubernetes Network Policy, Istio API-level perimeter policy, and Alcide Embedded and recommended policy engine in one powerful firewall

Policy simplification & unification

A single policy framework for all Dev, Sec and Ops teams, powered by Linux eBPF, alongside enhanced policies embedded directly into the workload

Multi-Cloud Multi-cluster support in real-time

Unification of different clusters into one security incident stream, gathering all relevant applications, assets and alerts, thus providing a much broader understanding of context and quicker detection of both known and unknown threats.
