Back to Posts
Posted by Phil Alsop on 10 May 2024 at 2:03 pm
  • news

Dynatrace is enhancing its platform with new Kubernetes Security Posture Management (KSPM) capabilities for observability-driven security, configuration, and compliance monitoring. This announcement follows the rapid integration of Runecast technology into the Dynatrace® platform following the company’s successful acquisition earlier this year. The new KSPM offering builds on Dynatrace’s existing security protection capabilities, including Runtime Vulnerability Analytics (RVA) and Runtime Application Protection (RAP), strengthening cloud-native application protection in the Dynatrace platform. These combined capabilities provide DevSecOps, security, platform engineering, and SRE teams, who are all responsible for ensuring the security of Kubernetes environments, with an innovative solution for security posture and compliance.

“As workloads become more dynamic, integrating KSPM into the deployment lifecycle is essential for the security of Kubernetes environments and adherence to best practices and standards,” says KellyAnn Fitzpatrick, Senior Analyst with RedMonk. “Through a combination of real-time vulnerability assessments and contextual security insights, Dynatrace’s new KSPM solution aims to empower teams to proactively address risks and achieve complete visibility into their security posture, compliance status, and attack vectors. Such solutions can enable teams to confidently accelerate their digital transformation, knowing that their cloud-native environment is protected.”

Dynatrace’s new KSPM solution, combined with the platform’s existing RVA and RAP capabilities, enables teams to instantly detect risks in their Kubernetes deployments and automatically prioritize remediation based on risk exposure. To achieve this at scale, Dynatrace uses Davis® hypermodal AI, which combines predictive and causal AI techniques for precise answers and automation and generative AI for increased productivity. As a result, teams can gain comprehensive insights into cloud-native applications across code, libraries, language runtime, and container infrastructure. This helps them strengthen the security posture of their Kubernetes deployments, while also complying with regulatory frameworks and industry best practices, including those defined by the Center for Internet Security (CIS).

“While most teams rely on agentless workload scanning to enable KSPM, this snapshot approach is incapable of providing real-time insights and often causes a frequency of excessive alerts, without runtime context, that waste time and make remediation efforts more confusing,” said Bernd Greifeneder, CTO at Dynatrace. “As the attack surface of cloud applications continues to increase and attackers are targeting the misconfiguration of cloud infrastructure, APIs, and the software supply chain itself, organizations must evolve their solutions and processes to ensure their cloud technologies, including Kubernetes, are constantly protected against the latest risks and empower teams to operate with best practices. Building on the Dynatrace platform’s existing RVA and RAP capabilities, Dynatrace is delivering an innovative approach to KSPM that we believe sets us apart, providing teams with real-time insights, automated compliance, and actionable advice that free up resources and reduce exposure risk.”