Home > News > featured news > Uptycs Unveils Advanced Container and Kubernetes Capabilities

Platform Security

Uptycs Unveils Advanced Container and Kubernetes Capabilities

Uptycs | May 27, 2022

Uptycs
Uptycs, the first cloud-native security analytics platform that enables both cloud and endpoint security from a single platform, today unveiled expanded container and Kubernetes security posture management (KSPM) features for its cloud workload protection platform (CWPP). These features enable real-time identification of containerized workloads, proactive scanning of container images in the CI/CD pipeline, constant compliance monitoring, and Kubernetes security policy audit and enforcement.

According to Gartner, by 2026, over 90% of the world's enterprises will be operating containerized apps in production, up from less than 40% currently.

Businesses, on the other hand, struggle to manage and maintain these transitory assets. Misconfigurations in the control plane and insecure policies at the single container layer are used by attackers to escalate permissions, conduct container escapes, and compromise nodes for executing code.

"Organizations are rapidly scaling their Kubernetes environments and seeing tremendous gains in optimization, availability, and developer productivity, but too often Security teams are left playing catch up. With telemetry from Kubernetes systems supported by our analytics platform, Security teams know immediately what resources they have and the security posture of those resources—across public and private clouds, scaling to tens of thousands of pods. Combined with our industry-leading container security capabilities, this gives Security teams confidence that they have the proper controls in place to minimize risk while enabling innovation."

Ganesh Pai, CEO and Co-founder of Uptycs

Uptycs offers both fully managed (AWS EKS, Azure AKS, Google GKE) and self-managed Kubernetes environments, such as VMware Tanzu and Google Anthos. Uptycs contains a range of container runtimes (Docker, containerd, CRI-O).

The latest KSPM capabilities offered by the Uptycs platform are now readily accessible and will be shown at the 2022 RSA Conference (booth #435) from June 6-9. Learn more about the Uptycs container and Kubernetes security service by visiting the Uptycs blog.

Spotlight

Getting Started with DMARC Secure your email. Stop phishing. Protect your brand.

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

More featured news

Spotlight

Getting Started with DMARC Secure your email. Stop phishing. Protect your brand.

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

Related News

Enterprise Security, Platform Security, Software Security

Jamf Teams With Google Cloud to Enable Collaborative, Mobile Workforces Through New Advanced Security and Management Workflows

Globenewswire | July 07, 2023

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced three new integrations with Google Cloud, enabling and protecting mobile workforces that use Google and Apple. Encompassing Zero Trust, observability, and identity workflows, Jamf continues to provide unique value for Google Cloud users with Apple devices. Bringing Zero Trust to Life: Google Cloud’s BeyondCorp Enterprise Now Available for iOS and iPadOS Jamf’s integration with BeyondCorp now supports device compliance signals for iOS and iPadOS. The addition of Apple’s mobile platforms builds on last year’s release of the Jamf and Google Cloud’s BeyondCorp integration for macOS. Jamf is the first management platform to support Apple desktop and mobile devices in this Zero Trust framework. “Some of the world’s most successful organizations choose to empower their employees with Mac and iPhone, while taking advantage of Google Cloud’s speed, security and flexibility for Cloud applications,” said Sam Weiss, Alliance Partner Manager for Google at Jamf. “Now these modern companies that choose Apple hardware and Google Cloud software can more effectively secure and manage their mobile workforces.” Jamf’s extensive Apple device management and security capabilities allow the enforcement and monitoring of device compliance status. When integrated with BeyondCorp, admins can create context-aware access policies that include Jamf compliance status. This combination of device-based and user-based access controls allows organizations to define policies specific to their needs, ensuring all devices and users can access corporate data wherever they choose to work from. "We at Unibuddy are thrilled about the seamless integration between Jamf and Google Cloud's BeyondCorp, which aligns with our Zero Trust security model. This partnership will enable us to efficiently manage our macOS and iOS devices while enhancing our security posture and ensuring the privacy of our employees," said Rupen Valand, Global IT Manager at Unibuddy. "Strong security is important for university partners and employees because it helps protect sensitive data and build trust. By providing an extra layer of security for accessing company resources, this solution empowers our employees to work remotely with ease and confidence, unencumbered by security or privacy concerns. We're excited to implement this solution and unlock its full potential with our teams at Unibuddy." Elevating Security Operations: Google Cloud’s Chronicle Enhances Jamf Integration Security teams are more effective when they have complete visibility of events in their environment. Google Cloud’s Chronicle is a modern security operations suite that enables threat detection, investigation and response with speed, scale and precision. Chronicle SIEM’s default parsers for Jamf Pro and Jamf Protect now map even more Jamf data into Chronicle’s unified data model (UDM). Additionally, Chronicle’s new support for Webhooks means Jamf Protect can automatically send security alerts and events to Chronicle as they occur. Now, IT and security teams can more effectively collaborate on security event detection and prevention by aggregating Jamf’s Apple device telemetry in Chronicle. The Chronicle parsers for Jamf Pro, Jamf Protect and support for Webhook, are all available now. “Directly integrating Jamf Protect into Chronicle has been a big win for us,” said Mikail Tunç, Head Of Security at Algbra. “The extensive detail provided by Jamf Protect Telemetry logs has heightened our ability to identify and mitigate more threats than ever, while staying resilient to Apple OS updates. We look forward to contributing to the broader community by open-sourcing our Chronicle detection rules over Jamf Protect data.” Simplifying end-user protection: Jamf brings Google Cloud Identity support to Jamf Trust Jamf has extended Google Cloud Identity support to Jamf Trust and improved the user app for endpoint security. This enhancement brings a consistent single sign-on experience for users with their Identity credentials, enabling robust endpoint security without complex integrations or additional assistance from IT. “At Spendesk, we’re thrilled to have our native identity provider Google Cloud supported by the Jamf Trust app. This will allow us to speed up our Zero Trust adoption. It’s really great how Jamf supports Google Cloud-based organizations like Spendesk,” said Hakim Boukir, IT Manager at Spendesk. About Jamf Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. To learn more, visit www.jamf.com.

Read More

Enterprise Security, Platform Security, Software Security

Checkmarx Introduces Codebashing 2.0, the First AppSec Solution to Boost Developer Experience and Adoption with New Gamified User Interface

Prnewswire | July 24, 2023

Checkmarx, the global leader in application security solutions, has introduced Codebashing 2.0, its latest developer AppSec learning solution, equipping development teams with all the right skills to write secure code based on their roles and needs. Now offering an enhanced integration within the Checkmarx One™ Application Security Platform, Codebashing makes learning and developer adoption of application security (AppSec) frictionless and fully integrated into the development life cycle. With digital transformation increasing demands on software development teams, AppSec has become a critical area for large enterprises to reduce business risk even as less time is available for finding and fixing vulnerabilities in applications. In the interest of productivity and speed, most development teams work within integrated development environments (IDEs) and require security teams to prioritize and focus them on fixing key vulnerabilities. "The competing pressures of application time-to-deployment and AppSec risk reduction have long plagued and challenged development teams and CISOs," said Sandeep Johri, CEO at Checkmarx. "This new version of Codebashing is a game-changer for security teams to enable and provide knowledge and trust in handling vulnerabilities fixes. Its updated integration to the Checkmarx One platform solves some of the main challenges we constantly hear from CISOs and security teams seeking to improve the developer experience while also ensuring a secure and rapid pipeline of applications. These are critical elements of a successful digital transformation as enterprises continue their migration to the cloud." Learning key concepts within their familiar workspaces and applying those concepts from the first line of code to the last across all applications can significantly lower AppSec risk while boosting productivity. Codebashing 2.0 integrates fluidly into a developer's daily routine and workflow by offering "bite-sized" learning modules through Checkmarx One plugins within the developer's IDE. Designed by some of the industry's leading AppSec security researchers and engineers, Codebashing modules upskill developers' ability to write secure code from the very first line. Codebashing 2.0 offers a new way for security teams to better engage developers for AppSec adoption through a whole new experience and new gamified user interface. It includes a new Learning Path, which is a tailored professional skill tree that enables developers to continuously cultivate their expertise, stepping beyond the confines of one-time training sessions. The Learning Path is designed to be adaptive and personalized. Developers can select their unique path based on their specializations: Back-end, Front-end, or DevOps. This custom-tailored approach ensures that each developer is guided through the secure coding learning most pertinent to their specific role and responsibilities. Security Champion Program With Codebashing 2.0, Checkmarx has introduced the first in-market program to allow large enterprises to scale its AppSec program by training and certifying personnel from the engineering team as security champions. This certificate is backed by almost 20 years of AppSec expertise and includes a predefined training and certification including: Hours of gamified and comprehensive content such as quizzes and assessments to obtain and measure knowledge transfer Best practices critically needed by Security Champions. "The CISOs of global enterprise companies among our clients have repeatedly told us that two things are critical to building trust and collaboration between security and development teams: implementation of a proper framework of AppSec skills and methodologies and creating security champions among their developers. This is why we developed the first Security Champion Program in the market," said Ramon Herzlinger, General Manager of Codebashing at Checkmarx. "We invested extensively to ensure that all the relevant aspects are taught, including front-end, back-end, and DevOps-related knowledge and certification and based on feedbacks with customers who trailed it already, we are confident it is a major breakthrough in generating trust between security and development teams." Codebashing 2.0 includes a completely revamped user experience, new learning paths, and the most up to date AppSec learning content on the market covering the latest challenges and needs of development and security teams. With Codebashing 2.0, CISOs can identify gaps in knowledge about secure code capabilities fixes within their developers and help drive secure code awareness. For more information and to request the latest Codebashing 2.0 demo, visit this page. About Checkmarx Checkmarx is the leading application security provider, offering the industry's most comprehensive and innovative cloud-native platform, Checkmarx One™. Fueled by intelligence from our industry leading AppSec security research team, our products and services enable enterprises to shift everywhere in order to secure every phase of development for every application while simultaneously balancing the dynamic needs of CISOs, security teams, and development teams. We are honored to serve more than 1,800 customers, including 60 percent of Fortune 100 organizations, and are committed to moving forward with an unwavering dedication to the safety and security of our customers and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Read More

Enterprise Security, Software Security, API Security

Salt Security API Protection Platform Wins "Best API Security Solution" in Prestigious 2023 SC Awards

PR Newswire | August 22, 2023

Salt Security, the leading API security company, today announced that the Salt Security API Protection Platform has won the "Best API Security Solution" category in this year's 2023 SC Awards. Now in its 26th year, the SC Awards recognizes outstanding solutions, organizations and people driving advancements in the practice of information security. Salt Security pioneered the API security market. Its proven and mature API security platform empowers organizations to easily and quickly detect the reconnaissance activity of bad actors and block them before they can successfully reach their objective. With its powerful cloud-scale big data and time-tested artificial intelligence (AI) algorithms, Salt delivers automated and continuous analysis and the adaptive intelligence required to identify and defend against today's increasing API attacks, including those outlined in the OWASP API Security Top 10 list. These protections enable organizations to prevent fraud, secure their own and their customers' data, and ultimately protect revenue. "APIs represent the critical communications link that transports the data powering all of today's digital innovation," said Roey Eliyahu, co-founder and CEO, Salt Security. "Because APIs carry such vast and valuable amounts of sensitive and personal data, they have become a huge attack target for cybercriminals. However, the nature of API attacks differs from traditional attacks. Salt was the first to recognize the need for a different security approach, and we are honored to have our approach validated with this SC Award for Best API Security Solution." According to the Salt Labs State of API Security Report, Q1 2023, 94% of survey respondents experienced security problems in production APIs in the past year, with 17% stating their organizations suffered a data breach as a result of security gaps in APIs. The Salt platform delivers the deepest insights into API threats and vulnerabilities to quickly detect and block attackers. By applying its ML and AI algorithms, Salt can capture and baseline all API traffic over days, weeks, and even months, providing real-time analysis and correlation across billions of API calls to protect organizations from API threats. "This year's SC Award winners reflected our industry in flux," said Tom Spring, SC Media's editorial director at CyberRisk Alliance. "Winners demonstrated uncanny market agility and brought innovative solutions to help their customers stay ahead of increasingly sophisticated adversaries and emerging threats." About Salt Security Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and hardening APIs. Deployed quickly and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives. For more information, visit: https://salt.security/

Read More

Enterprise Security, Platform Security, Software Security

Jamf Teams With Google Cloud to Enable Collaborative, Mobile Workforces Through New Advanced Security and Management Workflows

Globenewswire | July 07, 2023

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced three new integrations with Google Cloud, enabling and protecting mobile workforces that use Google and Apple. Encompassing Zero Trust, observability, and identity workflows, Jamf continues to provide unique value for Google Cloud users with Apple devices. Bringing Zero Trust to Life: Google Cloud’s BeyondCorp Enterprise Now Available for iOS and iPadOS Jamf’s integration with BeyondCorp now supports device compliance signals for iOS and iPadOS. The addition of Apple’s mobile platforms builds on last year’s release of the Jamf and Google Cloud’s BeyondCorp integration for macOS. Jamf is the first management platform to support Apple desktop and mobile devices in this Zero Trust framework. “Some of the world’s most successful organizations choose to empower their employees with Mac and iPhone, while taking advantage of Google Cloud’s speed, security and flexibility for Cloud applications,” said Sam Weiss, Alliance Partner Manager for Google at Jamf. “Now these modern companies that choose Apple hardware and Google Cloud software can more effectively secure and manage their mobile workforces.” Jamf’s extensive Apple device management and security capabilities allow the enforcement and monitoring of device compliance status. When integrated with BeyondCorp, admins can create context-aware access policies that include Jamf compliance status. This combination of device-based and user-based access controls allows organizations to define policies specific to their needs, ensuring all devices and users can access corporate data wherever they choose to work from. "We at Unibuddy are thrilled about the seamless integration between Jamf and Google Cloud's BeyondCorp, which aligns with our Zero Trust security model. This partnership will enable us to efficiently manage our macOS and iOS devices while enhancing our security posture and ensuring the privacy of our employees," said Rupen Valand, Global IT Manager at Unibuddy. "Strong security is important for university partners and employees because it helps protect sensitive data and build trust. By providing an extra layer of security for accessing company resources, this solution empowers our employees to work remotely with ease and confidence, unencumbered by security or privacy concerns. We're excited to implement this solution and unlock its full potential with our teams at Unibuddy." Elevating Security Operations: Google Cloud’s Chronicle Enhances Jamf Integration Security teams are more effective when they have complete visibility of events in their environment. Google Cloud’s Chronicle is a modern security operations suite that enables threat detection, investigation and response with speed, scale and precision. Chronicle SIEM’s default parsers for Jamf Pro and Jamf Protect now map even more Jamf data into Chronicle’s unified data model (UDM). Additionally, Chronicle’s new support for Webhooks means Jamf Protect can automatically send security alerts and events to Chronicle as they occur. Now, IT and security teams can more effectively collaborate on security event detection and prevention by aggregating Jamf’s Apple device telemetry in Chronicle. The Chronicle parsers for Jamf Pro, Jamf Protect and support for Webhook, are all available now. “Directly integrating Jamf Protect into Chronicle has been a big win for us,” said Mikail Tunç, Head Of Security at Algbra. “The extensive detail provided by Jamf Protect Telemetry logs has heightened our ability to identify and mitigate more threats than ever, while staying resilient to Apple OS updates. We look forward to contributing to the broader community by open-sourcing our Chronicle detection rules over Jamf Protect data.” Simplifying end-user protection: Jamf brings Google Cloud Identity support to Jamf Trust Jamf has extended Google Cloud Identity support to Jamf Trust and improved the user app for endpoint security. This enhancement brings a consistent single sign-on experience for users with their Identity credentials, enabling robust endpoint security without complex integrations or additional assistance from IT. “At Spendesk, we’re thrilled to have our native identity provider Google Cloud supported by the Jamf Trust app. This will allow us to speed up our Zero Trust adoption. It’s really great how Jamf supports Google Cloud-based organizations like Spendesk,” said Hakim Boukir, IT Manager at Spendesk. About Jamf Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. To learn more, visit www.jamf.com.

Read More

Enterprise Security, Platform Security, Software Security

Checkmarx Introduces Codebashing 2.0, the First AppSec Solution to Boost Developer Experience and Adoption with New Gamified User Interface

Prnewswire | July 24, 2023

Checkmarx, the global leader in application security solutions, has introduced Codebashing 2.0, its latest developer AppSec learning solution, equipping development teams with all the right skills to write secure code based on their roles and needs. Now offering an enhanced integration within the Checkmarx One™ Application Security Platform, Codebashing makes learning and developer adoption of application security (AppSec) frictionless and fully integrated into the development life cycle. With digital transformation increasing demands on software development teams, AppSec has become a critical area for large enterprises to reduce business risk even as less time is available for finding and fixing vulnerabilities in applications. In the interest of productivity and speed, most development teams work within integrated development environments (IDEs) and require security teams to prioritize and focus them on fixing key vulnerabilities. "The competing pressures of application time-to-deployment and AppSec risk reduction have long plagued and challenged development teams and CISOs," said Sandeep Johri, CEO at Checkmarx. "This new version of Codebashing is a game-changer for security teams to enable and provide knowledge and trust in handling vulnerabilities fixes. Its updated integration to the Checkmarx One platform solves some of the main challenges we constantly hear from CISOs and security teams seeking to improve the developer experience while also ensuring a secure and rapid pipeline of applications. These are critical elements of a successful digital transformation as enterprises continue their migration to the cloud." Learning key concepts within their familiar workspaces and applying those concepts from the first line of code to the last across all applications can significantly lower AppSec risk while boosting productivity. Codebashing 2.0 integrates fluidly into a developer's daily routine and workflow by offering "bite-sized" learning modules through Checkmarx One plugins within the developer's IDE. Designed by some of the industry's leading AppSec security researchers and engineers, Codebashing modules upskill developers' ability to write secure code from the very first line. Codebashing 2.0 offers a new way for security teams to better engage developers for AppSec adoption through a whole new experience and new gamified user interface. It includes a new Learning Path, which is a tailored professional skill tree that enables developers to continuously cultivate their expertise, stepping beyond the confines of one-time training sessions. The Learning Path is designed to be adaptive and personalized. Developers can select their unique path based on their specializations: Back-end, Front-end, or DevOps. This custom-tailored approach ensures that each developer is guided through the secure coding learning most pertinent to their specific role and responsibilities. Security Champion Program With Codebashing 2.0, Checkmarx has introduced the first in-market program to allow large enterprises to scale its AppSec program by training and certifying personnel from the engineering team as security champions. This certificate is backed by almost 20 years of AppSec expertise and includes a predefined training and certification including: Hours of gamified and comprehensive content such as quizzes and assessments to obtain and measure knowledge transfer Best practices critically needed by Security Champions. "The CISOs of global enterprise companies among our clients have repeatedly told us that two things are critical to building trust and collaboration between security and development teams: implementation of a proper framework of AppSec skills and methodologies and creating security champions among their developers. This is why we developed the first Security Champion Program in the market," said Ramon Herzlinger, General Manager of Codebashing at Checkmarx. "We invested extensively to ensure that all the relevant aspects are taught, including front-end, back-end, and DevOps-related knowledge and certification and based on feedbacks with customers who trailed it already, we are confident it is a major breakthrough in generating trust between security and development teams." Codebashing 2.0 includes a completely revamped user experience, new learning paths, and the most up to date AppSec learning content on the market covering the latest challenges and needs of development and security teams. With Codebashing 2.0, CISOs can identify gaps in knowledge about secure code capabilities fixes within their developers and help drive secure code awareness. For more information and to request the latest Codebashing 2.0 demo, visit this page. About Checkmarx Checkmarx is the leading application security provider, offering the industry's most comprehensive and innovative cloud-native platform, Checkmarx One™. Fueled by intelligence from our industry leading AppSec security research team, our products and services enable enterprises to shift everywhere in order to secure every phase of development for every application while simultaneously balancing the dynamic needs of CISOs, security teams, and development teams. We are honored to serve more than 1,800 customers, including 60 percent of Fortune 100 organizations, and are committed to moving forward with an unwavering dedication to the safety and security of our customers and the applications that power our day-to-day lives. Checkmarx. Make Shift Happen.

Read More

Enterprise Security, Software Security, API Security

Salt Security API Protection Platform Wins "Best API Security Solution" in Prestigious 2023 SC Awards

PR Newswire | August 22, 2023

Salt Security, the leading API security company, today announced that the Salt Security API Protection Platform has won the "Best API Security Solution" category in this year's 2023 SC Awards. Now in its 26th year, the SC Awards recognizes outstanding solutions, organizations and people driving advancements in the practice of information security. Salt Security pioneered the API security market. Its proven and mature API security platform empowers organizations to easily and quickly detect the reconnaissance activity of bad actors and block them before they can successfully reach their objective. With its powerful cloud-scale big data and time-tested artificial intelligence (AI) algorithms, Salt delivers automated and continuous analysis and the adaptive intelligence required to identify and defend against today's increasing API attacks, including those outlined in the OWASP API Security Top 10 list. These protections enable organizations to prevent fraud, secure their own and their customers' data, and ultimately protect revenue. "APIs represent the critical communications link that transports the data powering all of today's digital innovation," said Roey Eliyahu, co-founder and CEO, Salt Security. "Because APIs carry such vast and valuable amounts of sensitive and personal data, they have become a huge attack target for cybercriminals. However, the nature of API attacks differs from traditional attacks. Salt was the first to recognize the need for a different security approach, and we are honored to have our approach validated with this SC Award for Best API Security Solution." According to the Salt Labs State of API Security Report, Q1 2023, 94% of survey respondents experienced security problems in production APIs in the past year, with 17% stating their organizations suffered a data breach as a result of security gaps in APIs. The Salt platform delivers the deepest insights into API threats and vulnerabilities to quickly detect and block attackers. By applying its ML and AI algorithms, Salt can capture and baseline all API traffic over days, weeks, and even months, providing real-time analysis and correlation across billions of API calls to protect organizations from API threats. "This year's SC Award winners reflected our industry in flux," said Tom Spring, SC Media's editorial director at CyberRisk Alliance. "Winners demonstrated uncanny market agility and brought innovative solutions to help their customers stay ahead of increasingly sophisticated adversaries and emerging threats." About Salt Security Salt Security protects the APIs that form the core of every modern application. Its patented API Protection Platform is the only API security solution that combines the power of cloud-scale big data and time-tested ML/AI to detect and prevent API attacks. By correlating activities across millions of APIs and users over time, Salt delivers deep context with real-time analysis and continuous insights for API discovery, attack prevention, and hardening APIs. Deployed quickly and seamlessly integrated within existing systems, the Salt platform gives customers immediate value and protection, so they can innovate with confidence and accelerate their digital transformation initiatives. For more information, visit: https://salt.security/

Read More

More featured news