Security teams using AWS Security Hub
October 2020 by Marc Jacob
Alcide announced the company’s security solutions are now integrated with AWS Security Hub, sending real-time threat intelligence and compliance information to Amazon Web Services (AWS) for easy consumption by Security and DevSecOps teams. Alcide’s SaaS and container-based solutions for Kubernetes security are available in AWS Marketplace.
AWS Security Hub gives AWS customers a comprehensive view of security posture across all their AWS accounts. As a single place that aggregates, organizes, and prioritizes security information from multiple sources, AWS Security Hub helps identify security findings and remediate security threats. AWS Security Hub supports AWS-native applications and AWS Partner solutions, such as Alcide’s.
“In order to provide a comprehensive security posture assessment for each of our diverse customers, we recognize that AWS Security Hub must bring together a comprehensive set of industry-leading security AWS Partners,” said Dan Plastina, Vice President, Security Services, Amazon Web Services, Inc. “Today, we’re pleased to add the Alcide Kubernetes Security Platform to the list of security integrations for AWS Security Hub.”
The Alcide Kubernetes Security Platform sends Kubernetes security alerts to AWS Security Hub, highlighting security events derived from Kubernetes audit logs. The Alcide kAudit module continuously monitors Kubernetes audit logs to detect known threats using pre-set rules, and detects unknown threats by applying Alcide’s unique ML-based anomaly engine.
The Alcide Platform also provides Kubernetes security best practices and compliance checks. It allows AWS customers to determine whether their Kubernetes deployments are configured correctly and whether there is any security drift between development, testing, and production. The Alcide Platform also supports threat intelligence, detecting malicious network activity such as crypto-mining down to the pod level. Lastly, Alcide’s anomaly engine detects advanced network attacks such as low-and-slow evolving network attacks and DNS tunneling.
“Integrating with the AWS Security Hub is an important strategic achievement for Alcide. Our Kubernetes Security Platform enables continuous audit and compliance for Kubernetes clusters, and integrating with AWS Security Hub will make our software even easier to deploy for DevOps teams using AWS,” said Amir Ofek, CEO of Alcide.
The rapid adoption of Kubernetes has left many companies struggling to find developers experienced with Kubernetes, and security has suffered as a result. In 2019, Alcide conducted an industry study with the Alcide Advisor by scanning over 5,000 Kubernetes deployments and found that 89% were not leveraging the Kubernetes secrets functionality, potentially exposing sensitive data to the internet and malicious actors. Subsequently, the Alcide kAudit module was selected as one of the 10 hottest Kubernetes technologies in 2019 by CRN magazine for the threat intelligence it could extract from real-time monitoring of Kubernetes audit logs.