Alcide Advisor Introduced
May 15, 2019

Alcide releaseed Alcide Advisor, a continuous security and hygiene scanner for Kubernetes and Istio, which automatically scans for the widest range of compliance, security and governance risks and vulnerabilities.

Already deployed in numerous customer environments, and fully integrated with the CI/CD pipeline, it empowers engineering teams to maintain engineering motion and quickly identify security drifts and risks, even before they are introduced to production. This K8s and Istio advisory continuously scan across the various development stages all the way into production.

The complexity of cloud-native and Kubernetes deployments mandates continuous security capabilities that offer ongoing insights and actionable recommendations to ensure always-on security of deployed applications. Enabling DevOps with a ‘click & run’ experience, Alcide Advisor helps them ramp up their K8s migration and adoption quickly, without compromising on security.

With Alcide Advisor engineering teams can rest assured that the apps they build are deployed and monitored in a secure manner; while DevOps teams benefit from a fast, automated and secured deployments; and cloud architects can stay on top of every change, risk or new user introduced to the system.

“DevOps pushes adoption of cloud-native application technology today, with K8s being a driving force,” says Gadi Naor, co-founder and CTO of Alcide. “By combining the worlds of DevOps with Kubernetes security, these teams can now leverage the agility, speed, security and scale of cloud-native development, without sacrificing security, development flexibility or business velocity. It’s a win-win for Dev, Sec and Ops.”

The Alcide Advisor provides a single-pane view for all K8s- related risk, governance and compliance issues, including auditing, topology, network, policies scans, and automated common vulnerabilities and exposure checks. Fully integrated with the CI/CD pipeline, the comprehensive monitoring by the Advisor enables DevOps teams to gain a deeper understanding and tighter control of their distributed and complex Kubernetes projects with a continuous, always-on, dynamic analysis covering:

- Kubernetes Center for Internet Security (CIS) Benchmark

- Kubernetes vulnerability scanning

- Hunting misplaced secrets, or excessive secret access

- Workload hardening from Pod Security to network policies

- Ingress controllers for security best practices

- Kubernetes API server access privileges

- Kubernetes security best practices on AWS

- Kubernetes operators security best practices

- Istio security configuration and best practices

Share this

Industry News

September 24, 2020

NetApp announced the availability of Elastigroup for Microsoft Azure Spot Virtual Machines (VMs).

September 24, 2020

CloudBees announced a robust new set of DevSecOps capabilities for CloudBees CI and CloudBees CD. The new capabilities enable customers to perform early and frequent security checks and ensure that security is an integral part of the whole software delivery pipeline workflow, without sacrificing speed or increasing risk.

September 24, 2020

Pulumi announced the release of a Pulumi-native provider for Microsoft Azure that provides 100% coverage of Azure Resource Manager (ARM), the deployment and management service for Azure that enables users to create, update and delete resources in their Azure accounts.

September 23, 2020

Puppet announced new Windows services, integrations and enhancements aimed at making it easier to automate and manage infrastructure using tools Windows admins rely on. The latest updates include services around Group Policy Migration and Chocolatey, as well as enhancements to the Puppet VS Code Extension, and a new Puppet PowerShell DSC Builder module.

September 23, 2020

Red Hat announced the release of Red Hat OpenShift Container Storage 4.5, delivering Kubernetes-based data services for modern, cloud-native applications across the open hybrid cloud.

September 23, 2020

Copado, a native DevOps platform for Salesforce, has acquired ClickDeploy.

September 22, 2020

CloudBees announced general availability of the first two modules of its Software Delivery Management solution.

September 22, 2020

Applause announced the availability of its Bring Your Own Testers (BYOT) feature that enables clients to manage their internal teams – employees, friends, family members and existing customers – and invite them to test cycles in the Applause Platform alongside Applause’s vetted and expert community of testers.

September 22, 2020

Kasten announced the integration of the K10 data management platform with VMware vSphere and Tanzu Kubernetes Grid Service.

September 21, 2020

PagerDuty entered into a definitive agreement to acquire Rundeck, a provider of DevOps automation for enterprise.

September 21, 2020

Grafana Labs announced the release of Grafana Metrics Enterprise, a modern Prometheus-as-a-Service solution designed for the scale, architecture, and security needs of enterprises as they expand their observability initiatives.

September 21, 2020

Portshift's Cloud Workload Protection platform is now available through the Red Hat Marketplace.

September 17, 2020

env0, a developer of Infrastructure-as-Code (IaC) management software, announced the availability of its new open source solution for Terraform users, Terratag.

September 17, 2020

Push Technology announced a partnership with Innova Solutions, an ACS Solutions company, specializing in global information technology services.

September 17, 2020

Alcide achieved the AWS Outposts Ready designation, part of the Amazon Web Services (AWS) Service Ready Program.