Alcide Advisor Introduced
May 15, 2019

Alcide releaseed Alcide Advisor, a continuous security and hygiene scanner for Kubernetes and Istio, which automatically scans for the widest range of compliance, security and governance risks and vulnerabilities.

Already deployed in numerous customer environments, and fully integrated with the CI/CD pipeline, it empowers engineering teams to maintain engineering motion and quickly identify security drifts and risks, even before they are introduced to production. This K8s and Istio advisory continuously scan across the various development stages all the way into production.

The complexity of cloud-native and Kubernetes deployments mandates continuous security capabilities that offer ongoing insights and actionable recommendations to ensure always-on security of deployed applications. Enabling DevOps with a ‘click & run’ experience, Alcide Advisor helps them ramp up their K8s migration and adoption quickly, without compromising on security.

With Alcide Advisor engineering teams can rest assured that the apps they build are deployed and monitored in a secure manner; while DevOps teams benefit from a fast, automated and secured deployments; and cloud architects can stay on top of every change, risk or new user introduced to the system.

“DevOps pushes adoption of cloud-native application technology today, with K8s being a driving force,” says Gadi Naor, co-founder and CTO of Alcide. “By combining the worlds of DevOps with Kubernetes security, these teams can now leverage the agility, speed, security and scale of cloud-native development, without sacrificing security, development flexibility or business velocity. It’s a win-win for Dev, Sec and Ops.”

The Alcide Advisor provides a single-pane view for all K8s- related risk, governance and compliance issues, including auditing, topology, network, policies scans, and automated common vulnerabilities and exposure checks. Fully integrated with the CI/CD pipeline, the comprehensive monitoring by the Advisor enables DevOps teams to gain a deeper understanding and tighter control of their distributed and complex Kubernetes projects with a continuous, always-on, dynamic analysis covering:

- Kubernetes Center for Internet Security (CIS) Benchmark

- Kubernetes vulnerability scanning

- Hunting misplaced secrets, or excessive secret access

- Workload hardening from Pod Security to network policies

- Ingress controllers for security best practices

- Kubernetes API server access privileges

- Kubernetes security best practices on AWS

- Kubernetes operators security best practices

- Istio security configuration and best practices

Share this

Industry News

May 21, 2020

Exadel announced the Grand Prize winner of the “Appery.io COVID-19 Virtual Hackathon.”

May 21, 2020

CloudBees announced significant advances for its Software Delivery Management (SDM) platform – integrations with additional continuous integration and continuous delivery (CI/CD) engines, including Google Cloud Build and Tekton, and extension of the availability of CloudBees’ SDM Preview Program.

May 21, 2020

OutSystems is announcing over 70 development accelerators that ensure web and mobile applications created on the OutSystems low-code development platform can comply with the highest accessibility standards and regulations.

May 20, 2020

Styra announced that Styra Declarative Authorization Service (DAS) now supports microservices and extends context-based authorization to the service mesh.

May 20, 2020

Optimizely announced that its free feature flagging plan for development teams, Rollouts, now also includes A/B testing and feature configuration.

May 20, 2020

StackRox announced new runtime security features in the latest release of the StackRox Kubernetes Security Platform.

May 19, 2020

Docker has partnered with Snyk to deliver the first, native vulnerability scanning of container images in Docker.

May 19, 2020

Rancher Labs announced the launch of Rancher Academy.

May 19, 2020

Datical, a provider of database release automation solutions, has rebranded and will be conducting operations under the name Liquibase.

May 18, 2020

D2iQ introduced the D2iQ Shortcut to Success promotion. The cost-effective package of technology, training, professional services and support ensures successful Day 2 production operations for Kubernetes at a price point that makes it affordable for companies of all sizes to get started.

May 18, 2020

Altran announced the release of a new tool available on GitHub that predicts the likelihood of bugs in source code created by developers early in the software development process.

May 18, 2020

DigitalOcean closed a $50 million Series C funding round led by Access Industries, with participation from Andreessen Horowitz.

May 14, 2020

Venafi announced a definitive agreement to acquire Jetstack, a provider of open source machine identity protection software for Kubernetes and cloud native ecosystems.

May 14, 2020

SonarSource announced the acquisition of RIPS Technologies, a German startup from Bochum known for its leading code security analyzers.

May 14, 2020

IT Revolution announced The Idealcast — a new podcast series to share insights and solutions for how organizations can thrive during the age of digital disruption.