The Kubernetes Containers and Cloud Security Cocktail: A Zero Trust Access Recipe for Success
January 27, 2021
Author: Raj Mallempati, COO of CloudKnox Security
Kubernetes Containers. You know it, you love it, and now you can get the Cloud Permissions Management you need on top of it! The CloudKnox Permissions Management Platform now provides customers full visibility into container orchestration to enable Zero Trust access.
Step 1: Stir in Kubernetes Containers
By extending support to Kubernetes container workloads, CloudKnox’s Activity-based Authorization protocol provides visibility into, and remediation of, the permissions held by identities with Kubernetes Container access, enhancing enterprises’ ability to combat emerging cloud security challenges. With the rise of digital transformation, microservice and container architectures are increasingly popular as a way to enable cloud adoption, rapid deployment and high availability. Yet these strategies require the implementation of a Zero Trust model to mitigate significant security risks to cloud infrastructure. CloudKnox delivers on a core pillar of the Zero Trust model: limiting excessive user entitlements.
Step 2: Shake Up Your Cloud Security
Today, permission management for Kubernetes Containers is primarily done through Kubernetes Role-Based Access Control (RBAC) or through the cloud provider’s native Identity and Access Management (IAM) permissions. Because permissions are assigned in two places, cloud infrastructure and security teams find it difficult to manage identities effectively. By transparently merging the permissions assigned through Kubernetes RBAC and IAM, CloudKnox gives customers full cross-platform visibility into all identities and the ability to conduct in-depth analysis of all activity logs. With insight into both the permissions assigned to each identity and how those permissions are actually used in the cloud, enterprise security teams can easily see which identities are over-privileged and take action to mitigate risks before they become true threats to the organization.
As an aside, we here at CloudKnox refer to the delta between permissions granted and those actually used as the Cloud Permissions Gap. CloudKnox provides superior visibility into permissions assigned to identities and workloads within virtual machines, serverless functions and containers, including Kubernetes. Our platform helps customers with the monumental challenge of securing their hybrid and multi-cloud infrastructures by identifying their Cloud Permissions Gap and implementing the principle of least privilege (PoLP) to enable Zero Trust access.
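The two preceding paragraphs describe the idea at the heart of the Cloud Permissions Gap: take what RBAC grants an identity, take what the activity logs show the identity actually doing, and report the difference. The script below is an added illustration of that calculation for the Kubernetes RBAC half of the picture; it is not CloudKnox code and does not model the cloud IAM side. The Role, RoleBindings and kube-apiserver audit events it reads are constructed inline in the shape of the real API objects, and the "used" set counts only completed requests that were not denied (HTTP 401/403), since a denied request says nothing about what the identity is entitled to do.

```python
"""Measure a Kubernetes 'permissions gap': RBAC verbs granted to an identity
minus the verbs that identity actually exercised, as seen in kube-apiserver
audit logs. Added example, not CloudKnox code; all data below is constructed."""
import json
from collections import defaultdict

# Constructed Role, in the shape of an rbac.authorization.k8s.io/v1 object.
ROLES = [
    {"kind": "Role",
     "metadata": {"name": "deploy-editor", "namespace": "shop"},
     "rules": [
         {"apiGroups": ["apps"], "resources": ["deployments"],
          "verbs": ["get", "list", "update", "patch", "delete"]},
         {"apiGroups": [""], "resources": ["pods"], "verbs": ["get", "list", "delete"]},
     ]},
]

# Constructed RoleBindings: a CI service account and a human user share the role.
BINDINGS = [
    {"kind": "RoleBinding",
     "metadata": {"name": "ci-bot-editor", "namespace": "shop"},
     "roleRef": {"kind": "Role", "name": "deploy-editor"},
     "subjects": [{"kind": "ServiceAccount", "name": "ci-bot", "namespace": "shop"}]},
    {"kind": "RoleBinding",
     "metadata": {"name": "alice-editor", "namespace": "shop"},
     "roleRef": {"kind": "Role", "name": "deploy-editor"},
     "subjects": [{"kind": "User", "name": "alice@example.com"}]},
]

# Constructed audit events (a subset of the audit.k8s.io/v1 Event fields), one
# JSON object per line as the apiserver's JSON audit backend writes them.
AUDIT_LOG = """
{"stage":"ResponseComplete","verb":"list","user":{"username":"system:serviceaccount:shop:ci-bot"},"objectRef":{"apiGroup":"apps","resource":"deployments","namespace":"shop"},"responseStatus":{"code":200}}
{"stage":"ResponseComplete","verb":"patch","user":{"username":"system:serviceaccount:shop:ci-bot"},"objectRef":{"apiGroup":"apps","resource":"deployments","namespace":"shop","name":"web"},"responseStatus":{"code":200}}
{"stage":"ResponseComplete","verb":"get","user":{"username":"system:serviceaccount:shop:ci-bot"},"objectRef":{"resource":"pods","namespace":"shop","name":"web-7d9"},"responseStatus":{"code":200}}
{"stage":"ResponseComplete","verb":"get","user":{"username":"alice@example.com"},"objectRef":{"apiGroup":"apps","resource":"deployments","namespace":"shop","name":"web"},"responseStatus":{"code":200}}
{"stage":"ResponseComplete","verb":"create","user":{"username":"alice@example.com"},"objectRef":{"resource":"secrets","namespace":"shop"},"responseStatus":{"code":403}}
{"stage":"RequestReceived","verb":"delete","user":{"username":"alice@example.com"},"objectRef":{"resource":"pods","namespace":"shop","name":"web-7d9"}}
""".strip()


def subject_username(subject):
    """Map an RBAC subject to the username the audit log records for it."""
    if subject["kind"] == "ServiceAccount":
        return f"system:serviceaccount:{subject['namespace']}:{subject['name']}"
    return subject["name"]  # User subjects are logged by name


def granted_permissions(roles, bindings):
    """identity -> set of (namespace, apiGroup, resource, verb) granted via RBAC."""
    role_index = {(r["kind"], r["metadata"]["name"]): r for r in roles}
    granted = defaultdict(set)
    for binding in bindings:
        role = role_index[(binding["roleRef"]["kind"], binding["roleRef"]["name"])]
        ns = binding["metadata"]["namespace"]
        for subj in binding["subjects"]:
            if subj["kind"] == "Group":
                continue  # group membership is not in user.username; needs expansion
            ident = subject_username(subj)
            for rule in role["rules"]:
                for group in rule["apiGroups"]:
                    for resource in rule["resources"]:
                        for verb in rule["verbs"]:
                            granted[ident].add((ns, group, resource, verb))
    return granted


def observed_permissions(audit_lines):
    """identity -> set of (namespace, apiGroup, resource, verb) actually exercised."""
    observed = defaultdict(set)
    for line in audit_lines.splitlines():
        ev = json.loads(line)
        if ev.get("stage") != "ResponseComplete":
            continue  # only completed requests carry an outcome
        if ev.get("responseStatus", {}).get("code", 0) in (401, 403):
            continue  # denied requests prove nothing about granted permissions
        ref = ev.get("objectRef", {})
        observed[ev["user"]["username"]].add(
            (ref.get("namespace", ""), ref.get("apiGroup", ""),
             ref.get("resource", ""), ev["verb"]))
    return observed


def _covers(grant, use):
    """True if a granted tuple authorises an observed tuple; '*' is the RBAC wildcard."""
    return all(g == "*" or g == u for g, u in zip(grant, use))


def permissions_gap(granted, observed):
    """identity -> sorted list of granted tuples never exercised (the gap)."""
    gap = {}
    for ident, grants in granted.items():
        used = observed.get(ident, set())
        gap[ident] = sorted(g for g in grants if not any(_covers(g, u) for u in used))
    return gap


if __name__ == "__main__":
    result = permissions_gap(granted_permissions(ROLES, BINDINGS),
                             observed_permissions(AUDIT_LOG))
    for ident, unused in result.items():
        print(f"{ident}: {len(unused)} granted-but-unused permissions")
        for ns, group, resource, verb in unused:
            print(f"  {verb:<7}{group or 'core'}/{resource} in {ns}")
```

Run against the constructed data, the script reports five unused permissions for the CI service account and seven for the human user, even though both hold the same role; that per-identity difference is what a least-privilege remediation acts on. The wildcard handling in `_covers` matters in practice: a rule granting `verbs: ["*"]` is reported as used by any successful request, so it never shows up as "unused" and should be reviewed separately as a broad grant.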
Step 3: Add a Little Bit of Spice
To top off our Kubernetes Containers and Cloud Security Cocktail, we are extending support for serverless functions on Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP); also, not to be forgotten, our strategic enterprise technology integration with ServiceNow.
Which Organizations Need This Cocktail?
If you are leveraging AWS/Azure/GCP/VMware vSphere as your multi-cloud/hybrid cloud infrastructure, you are exposed to the Cloud Permissions Gap risk and absolutely need this cocktail. CloudKnox offers a free Cloud Identity Risk Assessment to help enterprises understand their cloud identity and resource risk profile. Why wait? Get to mixing!