Accuknox will be making available support for virtual machines and bare-metal workloads.  

Today’s workloads are hybrid

Most common cloud workloads today are hybrid i.e can be a good mix of Virtual machines, K8s, or plain vanilla containers. Some workloads even run on bare metal infrastructure, for example labs, test infrastructure etc typically are run in-house on customer managed data-centers or colo data centers.

The problem that we’re trying to solve is that it should be easy to add Network security or application security policies for your cloud infrastructure on Accuknox, whatever be the kind of workload that you have i.e. a pure k8s or a hybrid workload with k8s and virtual machines.

The features that are a part of the VM / Baremetal support include:

Simplified on-boarding of virtual machines and bare-metal instances

Virtual machines and bare-metal instances can be easily on-boarded with simple scripts that can be deployed as a part of Terraform scripts so as to automatically have them enabled for cloud security policies on the Accuknox console.

Automated on-boarding with cloud infrastructure service account is also a feature that will be available shortly allowing Accuknox to pick up instance details from within cloud infrastructure such as AWS, Google Cloud and Azure service accounts.

Automated discovery of Processes and respective workloads

Accuknox automatically identifies user spaces processes and workloads so that security professionals can create policies that apply to specific processes. An example would be a mysql workload which is running on Virtual machines. Accuknox would automatically identify MySQL and assign a process profile enabling users to create security policies against specific processes.

Auto-discovery of policies on Virtual machine and bare metal workloads

Accuknox can also automatically discover network and application security policies on Virtual machine and bare-metal workloads for both network and application security policies.

These policies are available in the auto discovery UI on the Accuknox console. For more information, read the auto-discovery of policies blog

Identification of a full Process graph which allows us to map the full list of process calls, file access, network access, sys calls and more.

Learn more about Process Graph on this link

Now you can protect your workloads in minutes using AccuKnox, it is available to protect your Kubernetes and other cloud workloads using Kernel Native Primitives such as AppArmor, SELinux, and eBPF.

Let us know if you are seeking additional guidance in planning your cloud security program.

Read more blogs from Cloud Security Category here.