Dynatrace, a leader in unified observability and security, has announced the enhancement of its platform with new Kubernetes Security Posture Management (KSPM) capabilities for observability-driven protection, configuration and compliance monitoring.
The announcement comes after the rapid integration of Runecast technology into the Dynatrace platform following the company’s successful acquisition earlier this year.
The new Kubernetes Security Posture Management offering builds on Dynatrace’s existing security hardening capabilities, including Runtime Vulnerability Analytics (RVA) and Runtime Application Protection (RAP), strengthening the security of cloud-native applications on the Dynatrace platform.
These combined capabilities provide DevSecOps, security, platform engineering and Site Reliability Engineering (SRE) teams, who are responsible for ensuring the protection of Kubernetes environments, with an innovative solution for security posture and compliance.
“As workloads become more dynamic, integrating KSPM into the deployment lifecycle is essential for securing Kubernetes environments and adhering to best practices and standards,” said KellyAnn Fitzpatrick, Senior Analyst at RedMonk.
“Through a combination of real-time vulnerability assessments and contextual protection insights, Dynatrace’s new KSPM solution aims to empower teams to proactively address risks and gain complete visibility into their security posture, compliance status and attack vectors. Such solutions can enable teams to accelerate their Digital Transformation with confidence, knowing that their cloud-native environment is protected.”
Dynatrace’s new KSPM solution, combined with the platform’s existing Runtime Vulnerability Scanning and Runtime Application Protection capabilities, enables teams to instantly detect risks in their Kubernetes deployments and automatically prioritize remediation based on risk exposure.
To achieve this at scale, Dynatrace utilizes Davis Hypermodal Artificial Intelligence, which combines predictive and causal AI techniques for accurate responses and automation, as well as Generative AI to increase productivity.
As a result, teams can gain comprehensive insights into cloud-native applications, including code, libraries, language runtime and container infrastructure. This helps them strengthen the security posture in their Kubernetes deployments while adhering to regulatory frameworks and industry best practices, including those defined by the Center for Internet Security (CIS).
“While most teams rely on agentless workload scanning to enable Kubernetes Security Posture Management, this instantaneous approach is unable to provide real-time insights and often causes a frequency of excessive alerts, lacking runtime context, that waste time and make remediation efforts more confusing,” said Bernd Greifeneder, Chief Technology Officer at Dynatrace.
“As the attack surface of cloud applications continues to increase and attackers target the misconfiguration of cloud infrastructure, APIs (communication mechanisms between software components) and the software supply chain itself, companies must evolve their solutions and processes to ensure that their cloud technologies, including Kubernetes, are constantly protected against the latest risks and empower teams to operate with best practices.
“Building on the existing Runtime Vulnerability Scanning and Runtime Application Protection capabilities of its platform, Dynatrace is delivering an innovative approach to Kubernetes Security Posture Management that we believe sets us apart from the market by providing teams with real-time insights, automated compliance, and actionable advice that frees up resources and reduces the risk of exposure.”
Dynatrace’s Kubernetes Security Posture management is expected to be available in the second half of 2024.
Click below to share this article