Alcide Simplifies PCI and GDPR K8s Compliance
February 27, 2020

Alcide announced that the Alcide Kubernetes Security Platform now supports compliance scans for PCI and GDPR, enabling DevOps to deliver regulatory compliance checks rapidly and seamlessly alongside Alcide’s leading Kubernetes security capabilities.

Gartner predicts that distributed cloud solutions will be a strategic technology trend in 2020. As such, companies will need tools that are purpose built to solve security and compliance challenges such as the Alcide Kubernetes Security platform. The Alcide Security Platform made headlines last summer when it was used to discover that 89% of Kubernetes deployments were not leveraging critical security resources within K8s. The radical new architecture of cloud native software and the novel operating environment of Kubernetes is leaving DevOps teams struggling to provide data security. This gap in security extends to regulatory compliance for security and privacy, a responsibility now partially shared by DevOps: in a report by Verizon on payment security, about 54% of companies in Europe and 61% of companies in America fail to comply with PCI DSS.

“Our findings on how companies are predominantly not using Kubernetes Secrets resources showed us how much DevOps needs automated systems to identify security and compliance risks. Building regulatory compliance scanning checks into Alcide Security Platform is a natural next step for Alcide” says Amir Ofek, CEO of Alcide. “The Kubernetes community is facing a shortage of skilled developers and security professionals, and Alcide is stepping up to meet the need for tools that enable DevOps and SecOps to maintain automated security and compliance at scale.”

Privacy and security compliance takes on many forms and exists in many verticals. PCIDSS emphasizes protection of payment card and transaction data, while GDPR seeks to protect the personal information of EU citizens doing business anywhere in the world. Cloud Native applications are particularly challenging when seeking compliance with these regulations, since standards such as PCI were not written with containers and Kubernetes workloads in mind. Developers must find analogous architectures such as defining whether a server definition in PCI is more like a pod, a node, or a cluster. Auditors are still catching up with cloud native technology and architecture, which further complicates the compliance process.

To address these challenges, Alcide has turned their Alcide Security Platform toward compliance scans for PCI and GDPR. Today’s announcement brings easy-to-implement compliance checks to users of the Alcide security tool to DevOps team. For example, installing and maintaining a firewall configuration to protect cardholder data, or to prohibit direct public access between the Internet and any system component in the cardholder data environment.

Share this

Industry News

March 26, 2020

Redgate’s new SQL Monitor now ensures that DevOps teams can monitor and track deployments at all times.

March 26, 2020

Split Software announced a two-way data integration with Google Analytics that can instantly detect performance issues caused by new features.

March 26, 2020

Cloudreach earned the Kubernetes on Microsoft Azure advanced specialization.

March 25, 2020

Informatica updated its Intelligent Data Platform, powered by Informatica's AI-powered CLAIRE engine, with advanced intelligence and automation capabilities, enabling enterprises to accelerate cloud analytics modernization, drive better customer experiences, and properly govern and manage all their data.

March 25, 2020

Datical released Targeted Rollback capabilities for Liquibase, the rapidly growing open-source tool that helps application developers track, version and deploy database schema changes quickly and safely.

March 25, 2020

HashiCorp raised $175 million in Series E funding, at a company valuation of $5.1 billion.

March 24, 2020

Sysdig launched PromCat.io.

March 24, 2020

Sonatype announced expanded language coverage within Nexus Lifecycle to include Conan (C/C++), Composer (PHP), and RubyGems (Ruby), including the ability to create and contextually enforce policies.

March 24, 2020

Swimlane joined the Chronicle Index Partner program as part of a broader industry effort to help customers improve visibility of and response to cyber threats.

March 23, 2020

Portshift introduced Kubei Open Source container scanning software.

March 23, 2020

Perspecta achieved Amazon Web Services (AWS) DevOps Competency status.

March 23, 2020

Talend announced the availability of Talend Cloud in Microsoft Azure Marketplace, an online store providing applications and services for use on Azure.

March 19, 2020

DevOps Institute, a global member-based association for advancing the human elements of DevOps, announced eight Virtual SKILup Day micro-conferences starting April 30, 2020.

March 19, 2020

Oteemo, an enterprise DevSecOps and Cloud Native Transformation consultancy, launched an enterprise kubernetes and cloud native learning program.

March 19, 2020

Spectro Cloud, an enterprise cloud-native infrastructure company, emerged from stealth and unveiled its first product: Spectro Cloud.