Accurics Comes Out of Stealth Mode
April 30, 2020

Accurics came out of stealth mode to announce the formal launch of the company.

It introduced technology that protects the cloud native infrastructure throughout the DevOps lifecycle, and reconciles risk posture drift between infrastructure defined through code and infrastructure running in the cloud. These advances are critical as organizations rapidly embrace new technologies such as serverless, containers, and service mesh. The company has received $5mm in financial backing from blue-chip investors such as ClearSky, WestWave Capital, Firebolt Ventures and Secure Octane.

Accurics is also making a free version available for download so that organizations can quickly assess their cloud risk posture.

“While the rapid adoption of cloud native technologies is fueling innovation, organizations are grappling with the challenges of securing more complex cloud stacks,” said Accurics Co-founder & CEO Sachin Aggarwal. “Risks in cloud deployments often go ignored due to the fact that detecting and fixing issues in production is costly. Organizations need a broader approach, in effect, ‘code-to-cloud’ security. That means seamless governance of infrastructure during development and in production, protection across the full cloud stack, monitoring for any posture ‘drift’ and swift return to a clean posture. Accurics is proud to introduce a dynamic platform that takes on all of these challenges with ease, speed and cost-effectiveness.”

“Our goal in developing the Accurics platform was to protect the full cloud native stack throughout the DevOps lifecycle, from the moment it’s defined in code and throughout the lifecycle of infrastructure being employed in production,” said Accurics Co-founder & CTO, Piyush Sharrma. “Perhaps most importantly, we prevent the risk posture in production drifting away from the baseline defined through code. That’s the only way to ensure consistently strong protection that enables organizations to innovate with confidence.”

Accurics meets the specific needs of both DevOps and security by addressing specific challenges. These encompass:

- Breach Path Prediction: The platform develops threat models by analyzing vulnerability feeds, IAM privileges, and other data to detect and remediate potential exposure paths in infrastructure code, reducing the attack surface in production. It subsequently monitors production for changes that introduce risks, and responds immediately via integrations with existing remediation workflows.

- Proactive Compliance & Governance: Accurics scans infrastructure as code for violations of common compliance and cybersecurity practices—such as SOC 2, GDPR, PCI, HIPAA, ISO, CIS Benchmark, AWS Best Practices and the AWS well-architected framework—and addresses violations through integrations with existing remediation workflows. This ensures a compliant posture before the infrastructure is provisioned. Production cloud deployments are then monitored against the same policies, and changes that cause violations are remediated. This enables organizations to demonstrate continuous compliance to auditors, management, and customers.

- Cloud Integrity Assurance: Accurics generates a real-time topology across the full stack defined through code, which helps spot design issues early in the DevOps lifecycle. Once the issues are addressed, the code is established as a baseline. The platform then continuously assesses the production cloud deployment for changes in topology from the baseline and flags drifts. If the drift is due to a legitimate change, the code can be updated, and if it introduces risks, organizations can roll their code back to the last known secure posture.

The platform protects hybrid and multi-cloud environments with a wide range of capabilities, including:

- Full Stack Visibility: Visualizes the real-time topology in code and cloud across a full stack, including serverless, container, platform and infrastructure technologies.

- Infrastructure as Code Security: Continuously scans infrastructure code such as Terraform, Ansible, Kubernetes YAML, Dockerfile and OpenFaaS YAML for misconfigurations, vulnerabilities, policy violations, and potential breach paths before the cloud infrastructure is provisioned.

- Cloud Posture Management: Continuously monitors production cloud deployments for changes that introduce misconfigurations, policy violations, and potential breach paths.

- Drift Detection: Continuously assesses the posture of a cloud deployment and flags any drifts from the posture defined through code.

- Posture Restoration: If a drift is due to a legitimate change, the code can be updated to reflect the change; if it introduces risks, the code can be restored to the last known secure posture.

- Remediation: Resolves issues that are flagged via integrations with alert management mechanisms such as Slack, JIRA, Splunk, webhooks and email.

The Accurics platform is available now.

Share this

Industry News

December 03, 2020

Copado announced its Winter 21 release, providing end-to-end DevOps value stream management platform for Salesforce.

December 03, 2020

MayaData and Platform9 announced a collaboration for the deployment and operation of performance-sensitive stateful workloads on Kubernetes.

December 03, 2020

Harness announced first-class integration with Amazon Elastic Container Service (ECS) Container Orchestration, enabling mission-critical applications to run in Docker containers with less scripting and redundancy, and out-of-the-box deployment strategies.

December 02, 2020

Amazon Web Services (AWS), an Amazon.com company, announced Amazon DevOps Guru, a fully-managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation.

December 02, 2020

Salesforce and Slack Technologies have entered into a definitive agreement under which Salesforce will acquire Slack.

December 02, 2020

Kasten by Veeam announced Kasten K10 v3.0.

December 02, 2020

Mattermost announced the launch of Mattermost Cloud, a new SaaS platform that is designed to optimize collaboration for DevOps teams and privacy-conscious enterprises.

December 01, 2020

CloudBees announced a virtual launch event on December 10 to formally release the first two modules of its Software Delivery Management solution: CloudBees Engineering Efficiency and CloudBees Feature Management.

December 01, 2020

GitOps creator Weaveworks announced the availability of release 2.4 of Weave Kubernetes Platform (WKP).

December 01, 2020

Adaptavist has joined the Sonatype partner program as a Platinum Enterprise Partner.

November 30, 2020

Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.

November 30, 2020

Portworx by Pure Storage announced its qualification and support of Portworx Enterprise for Google Cloud's Anthos on bare metal.

November 30, 2020

SnapLogic now supports SaaS contracts in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.