Radware Kubernetes Web Application Firewall Released
October 15, 2019

Radware announced the launch of Radware Kubernetes Web Application Firewall (WAF), a comprehensive and highly scalable application security solution for Kubernetes-based environments.

Radware’s new Kubernetes WAF enables organizations to secure microservices running on-premise and cloud-based implementations. Within Kubernetes orchestrated microservices ecosystems, Radware applies both a positive and a negative security model so that companies can maximize data and application security. Radware also offers a machine learning based automatic policy generation and optimization engine for Kubernetes environments, and it offers both IT security and DevOps personnel detailed insight down to the pod level.

As organizations turn towards microservices and sophisticated orchestration tools like Kubernetes to speed up their Software Development Lifecycle (SDLC) and thus improve operational efficiency and agility, they suffer from very limited visibility into their containerized environment. Existing security solutions do not fit these environments as they do not provide the required level of automation, flexibility and elasticity. Existing security solutions are cumbersome, resulting in frustrated users, limited protection and significant manual efforts. With Radware’s new Kubernetes WAF, businesses can now protect their applications against major threats such as data theft, encoded and encrypted attacks and API manipulations without compromising the agility DevOps requires to minimize time to market of new or enhanced services.

"Agility is the main reason for businesses and organizations to turn towards microservices and orchestration tools like Kubernetes, but application security has often been neglected as it has limited DevOps' ability to reduce time to market," says David Aviv, CTO at Radware. "With Radware Kubernetes WAF, we are now enabling DevOps to seamlessly integrate application security into their environments without slowing down any of their development or implementation processes."

Radware Kubernetes WAF applies core technology recommended by NSS Labs and certified by ICSA Labs application protection for microservices running within a Kubernetes ecosystem. It supports both positive and negative security models, protecting applications from attacks originating from outside or inside (north-south and east-west traffic) the enterprise. It is highly scalable and automatically grows with the Kubernetes environment, providing strong security without manual intervention. The solution easily integrates with common software provisioning, testing and visibility tools and thus into the CI/CD pipeline to facilitate rapid security provisioning of new services and applications.

Radware Kubernetes WAF also offers an auto policy generation and optimization engine for application security in Kubernetes environments, enabling protection against known threats and zero-day attacks alike. It provides data leakage protection across web applications and APIs and gives both DevOps and Security teams unprecedented visibility including security events and policies, application telemetry, network statistics, performance and minimal latency. The solution enables single termination of TLS traffic only at the host level and thus eliminates the need to manage multiple certificates across different parties. Integrated reporting and analytics provide control to both DevOps and Security teams in a unified portal and interoperability with various open source visibility platforms.

Share this

Industry News

November 14, 2019

Raytheon Company is collaborating with Red Hat to develop a new, security-focused software development solution, known as DevSecOps, for enterprise environments.

November 14, 2019

Fugue has open sourced the Fugue Rego Toolkit (Fregot) to enhance the experience working with the Rego policy language.

November 14, 2019

Sysdig announced Sysdig Secure 3.0 to provide enterprises with threat prevention at runtime using Kubernetes-native Pod Security Policies (PSP).

November 13, 2019

Testim introduced the Testim Development Kit, a new way for developers to quickly create resilient tests directly in code.

November 13, 2019

Rollbar announced an error monitoring solution for Salesforce’s Apex platform.

November 13, 2019

StackRox announced version 3.0 of the StackRox Kubernetes Security Platform.

November 12, 2019

VMware announced rapid advancement of VMware Tanzu, a new portfolio of products and services designed to transform the way enterprises build, run and manage software on Kubernetes.

November 12, 2019

SmartBear released ReadyAPI 3.0. This latest release addresses the increasing requirement for organizations to consistently deliver high-quality APIs in order to meet accelerated business demands within compressed release cycles.

November 12, 2019

Aqua Security announced its expansion into cloud security posture management (CSPM) with its acquisition of CloudSploit.

November 07, 2019

To help developers increase the speed and quality of their SQL coding, enhance efficiency, and take advantage of the latest improvements in SQL Server, Redgate has released a major upgrade for its most popular tool, SQL Prompt.

November 07, 2019

CloudBees announced a partnership with Atos and VMware surrounding a solution to help customers adopt DevOps best practices at scale on Atos’ recently announced Atos Digital Hybrid Cloud (DHC) powered by VMware Tanzu and CloudBees cloud native continuous integration/continuous delivery (CI/CD) enterprise solution.

November 07, 2019

Fugue announced the release of the Fugue Best Practices Framework to help cloud engineering and security teams identify and remediate dangerous cloud resource misconfigurations that aren’t addressed by common compliance frameworks.

November 06, 2019

Red Hat and the Quarkus community announced Quarkus 1.0.

November 06, 2019

Copado announced its Winter 20 release to provide Salesforce customers the fastest path to continuous innovation.

November 06, 2019

Applause announced its new solution for AI training and testing.