Cloud Deployment Models
Mirantis | September 22, 2023
Mirantis has introduced Lens AppIQ, a new tool designed to simplify Kubernetes application management. Available directly to the 50,000 organizations using Lens, Lens AppIQ offers application intelligence, making it accessible for non-Kubernetes specialists to oversee applications across multiple clusters.
Lens AppIQ aggregates information from various configuration files and sources, presenting it in a user-friendly tabbed display. This feature allows cloud-native developers to streamline the deployment and management of Kubernetes applications, offering web-based tools for viewing application details, configuring security measures, and automating deployment processes.
With a quick launch time of under a minute, Lens AppIQ swiftly identifies applications in connected clusters and maps their components. Developers can access application architecture, metadata, logs, events, and more through Lens Desktop’s new 'Applications' view or the Lens AppIQ web portal, simplifying debugging, accelerating code releases, and enhancing performance optimization.
DevOps professionals, platform engineers, and operators can utilize Lens AppIQ to define, monitor, and enforce policies related to application performance, security, and compliance. Automation features in Lens AppIQ facilitate repeatable deployments and enable effortless application migration to new Kubernetes environments.
Miska Kaipiainen, Vice President of Engineering at Mirantis, reportedly stated,
While Lens Desktop already provides an incredibly user-friendly experience for Kubernetes management, we understand that cloud-native development doesn't end there. That's why we've created Lens AppIQ. Lens AppIQ complements Lens Desktop by offering real-time intelligence and additional insights into the apps running on your Kubernetes clusters. This not only makes debugging, operation, and security easier but also opens up Kubernetes to a broader audience of developers who can benefit from streamlined processes without having to become Kubernetes experts.
[Source – Businesswire]
Lens AppIQ is available for free for small-scale and trial use, accommodating up to 10 nodes, two clusters, and two users. A Pro plan is available for larger-scale use, supporting up to 100 nodes, 10 clusters, and 50 users, priced at $35 per node monthly, inclusive of 8 hours/5-day business hours support. Enterprises can opt for a bespoke version with 24/7 support and custom pricing.
Lens AppIQ is accessible within Lens Desktop for the 50,000 organizations currently using Lens and is also available as a Software as a Service (SaaS) solution.
With over 1 million users worldwide, Lens Desktop is a leading tool for boosting productivity in Kubernetes application development and management. This desktop application breaks down barriers for newcomers to Kubernetes while significantly enhancing the efficiency of experienced users. Lens supports all certified Kubernetes distributions on any infrastructure and seamlessly runs on Linux, macOS, and Windows. As the world's largest and most advanced Kubernetes platform, it provides real-time workload management, development, debugging, monitoring, and troubleshooting across multiple clusters. Built on open-source principles, Lens enjoys a strong community with over 20,000 stars on GitHub.
Mirantis is a leading company streamlining code delivery on public and private clouds with a ZeroOps approach to Kubernetes. It serves global enterprises, enhancing developer productivity and offering secure cloud solutions. Its clients include Adobe, DocuSign, PayPal, and others across diverse industries. Mirantis contributes to open-source projects like Lens and Kubernetes, empowering businesses to tackle complex challenges.
Tenable | September 11, 2023
Tenable Holdings, Inc. is strengthening its focus on cloud security through the acquisition of Ermetic Ltd., a cloud-native application protection platform (CNAPP) company specializing in cloud infrastructure entitlement management (CIEM). This strategic move aims to enhance Tenable's Exposure Management Platform by providing improved risk visibility, prioritization, and remediation solutions for both cloud and on-premises environments.
Ermetic's CNAPP offers comprehensive contextual analysis, simplifying the identification of critical issues like privileged access to exposed, vulnerable workloads. The integration of Ermetic's capabilities into Tenable One will broaden Tenable's offerings for hybrid environments, addressing the complex challenge of managing identity-based threats in the cloud.
According to the Cloud Security Alliance's 2022 Top Cloud Threats report, identity-based threats are a top concern in cloud security. Tenable's acquisition of Ermetic seeks to simplify the process of understanding access risks and permissions in the cloud, making it more accessible for security professionals with varying levels of expertise.
“We will have an opportunity to put additional market-leading cloud security capabilities into the hands of tens of thousands of customers,” said Amit Yoran, Chairman and Chief Executive Officer, Tenable. “Together, we will be able to deliver a holistic view of the modern attack surface and help organizations reduce exposure and risk, using identity as an essential foundation,” he further added.
[Source: Globe News Wire]
The combined offerings of Tenable and Ermetic will include a unified CNAPP solution for asset discovery, risk analysis, remediation, and compliance, as well as a robust CIEM solution for managing human and service identities in cloud infrastructure. The integration will provide context-aware risk prioritization across all cloud and on-premises resources and simplify the remediation process.
The acquisition, valued at approximately $240 million in cash and $25 million in restricted stock and RSUs, is expected to close in early Q4 2023. Tenable will finance the cash portion of the acquisition using existing funds. However, Ermetic's financial results in Q4 2023 are not anticipated to significantly impact revenue or billings but are expected to increase non-GAAP operating expenses by $4–6 million.
The combination of Tenable and Ermetic is poised to offer unparalleled visibility and value in managing cloud environments, simplifying the complexity of cloud security management.
Tenable is a prominent player in the computer and network security industry, headquartered in Columbia, MD. With a global footprint, the company serves approximately 40,000 organizations worldwide, including Fortune 500 giants, Global 2000 firms, and government agencies. Leveraging its renowned Nessus vulnerability expertise, Tenable offers a pioneering platform for comprehensively securing digital assets across various computing platforms. Its specialties encompass vulnerability management, continuous network monitoring, compliance, and a range of security solutions for web applications, containers, the cloud, industrial technology, IoT, and more.
Lacework | September 07, 2023
Lacework, a trailblazer in data-driven cloud security, has introduced an innovative community platform, expanding its arsenal of cutting-edge technical resources.
This dynamic community is a hub for Lacework's customers, support teams, and fellow cloud security experts. The Lacework Community is a multifaceted network comprising discussion forums, comprehensive documentation, a knowledge base, immersive events, and educational resources. Members are empowered to delve into a wealth of documentation through the platform's federated search or initiate unique discussions to glean insights from Lacework experts and industry peers.
Jay Parikh, CEO of Lacework, said they were always looking for new ways to help their customers succeed and that the community would connect them with their peers and partners to learn and share faster and more broadly. He also added that customers would experience a new level of support from Lacework through the discussions, documentation, and engagement.
Key features accessible to users of the Lacework Community include:
Discussion Forums: Covering a broad spectrum of Lacework and cloud security topics
Knowledge Base: Hosting numerous articles addressing common support issues
How-to Guides: Curated by Lacework's Customer Success Architects
Product Updates: Summarizing monthly releases and offering in-depth feature insights
Networked Events: Featuring daily office hours and marketing events
Integrated Documentation: Housing thousands of articles indexed for seamless federated search functionality
John Turner, Senior Security Architect at LendingTree, said that things changed fast in the cloud security world and that companies faced new daily threats and tactics. He also noted that quick learning and peer feedback could significantly affect any company's security posture. He added that Lacework's community would provide that critical input and elevate the cloud security conversation.
The Lacework Community is now open to both existing customers and potential prospects.
Lacework is a platform providing comprehensive cloud security, including threat detection, anomaly identification, and compliance management across multi-cloud systems, workloads, and Kubernetes. However, it faces challenges for a few users as visibility is lacking and compliance-related metrics and IAM security control could be improved. IAM security management controls and detection of deviations and misconfigurations are critical, but have yet to be developed in Lacework. There is no data governance or data visibility.
Lacework, a data-driven cloud security platform, automates security at scale with its Polygraph Data Platform. This platform uniquely collects, analyzes, and correlates data across AWS, Azure, GCP, and Kubernetes, pinpointing crucial security events amid vast data streams. Clients rely on Lacework for revenue growth, safer product launches, and consolidated security solutions.
Lacework strengthens cloud security, enabling faster innovation by scaling with an organization's dynamic cloud data, including code, identities, containers, and multi-cloud infrastructure. It offers security and development teams prioritized insights on significant risks.
Orca Security | September 14, 2023
Orca Security, a leader in agentless cloud security, has unveiled a groundbreaking AI-driven cloud asset search feature within its Orca Cloud Security Platform. This innovation positions Orca as the first provider to offer an AI-powered cloud asset search that's as simple as asking a question. This development empowers not only security professionals but also developers, DevOps teams, cloud architects, and risk governance and compliance teams to swiftly and effortlessly gain insights into their cloud environments.
Building upon its existing integrations with ChatGPT and Microsoft Azure OpenAI GPT-4 for generating remediation instructions, Orca's new AI-driven search functionality revolutionizes accessibility by enabling users to pose natural language queries like, ‘Do I have any Log4j vulnerabilities exposed to the public?’ or ‘Are there any unencrypted databases with sensitive data accessible on the internet?’ This democratizes cloud security, making it accessible to individuals across the organization, regardless of their expertise, to rapidly respond to zero-day risks, optimize cloud assets, and assess exposure to threats.
Gil Geron, CEO and co-founder of Orca Security, emphasized the platform's user friendliness, stating,
With our latest AI-powered cloud asset search, we are delivering on our promise to provide cloud security that is easy to operate. We built the industry’s first agentless cloud security platform to eliminate lengthy and labor-intensive deployments. Now we are focused on democratizing cloud security by introducing solutions that do not require reading through lengthy documentation or extensive training to operationalize, allowing security teams, developers, and DevOps teams to get value from day one.
[Source: Business wire]
Cloud asset discovery is a critical process involving the identification, categorization, and mapping of all digital assets within a cloud environment. This includes virtual machines, databases, storage instances, containers, networking components, and applications. Yet many organizations lack access to this vital information.
Orca's patented SideScanning technology offers 100% visibility for asset discovery and is now presenting this data intuitively to various teams across organizations, enabling a comprehensive understanding of their cloud environments. This capability is particularly crucial during zero-day threats, where speed is essential, facilitating faster and more effective mitigations.
Orca's solution also eliminates the need for users to understand different naming conventions for each cloud provider. Instead, users can ask general questions, and Orca will automatically search for the relevant status names for each provider, streamlining the search process and ensuring accurate results.
The AI-powered cloud asset search feature is immediately available through a feature request in the Orca Cloud Security Platform.
About Orca Security
Orca Security is a leading provider of cloud security solutions that offer full-stack visibility of the complete cloud infrastructure. It provides deep insights into vulnerabilities, malware, misconfigurations, and more across various platforms, including AWS, Azure, Google Cloud, Alibaba Cloud, and Kubernetes. The platform is designed to provide complete visibility of the entire cloud estate, from development to production, without requiring an agent. The company is known for innovative SideScanning technology that delivers instant-on, workload-level security.