Expel MDR for Kubernetes addresses three core layers of Kubernetes applications: configuration, control panel, and run-time security.

Security operations provider Expel has announced the general availability of Expel managed detection and response (MDR) for Kubernetes. The firm said the product enables customers to secure their business across their Kubernetes environment and adopt new technologies at scale without being hindered by security concerns. It has also been designed to align with the MITRE ATT&CK framework to help teams remediate threats and improve resilience, Expel added.

Kubernetes is an open-source orchestration system that relies on containers to automate the deployment, scaling, and management of applications, usually in a cloud environment. Over time, it has become the de facto operating system of the cloud, but can also pose significant security risks and challenges for businesses.

Expel MDR for Kubernetes addresses configuration, control panel, run-time security

Expel MDR for Kubernetes enables teams to quickly detect and respond to security risks in their Kubernetes environments without slowing down DevOps, enabling organizations to focus more on the priorities that matter most to the business, the company said in a press release. The offering provides insights across three core layers of Kubernetes applications: configuration, control panel, and run-time security.
These include:

- Identification of cluster misconfigurations to help businesses stay ahead of pervasive misconfigurations, with reference to the Center for Information Security (CIS) Kubernetes benchmark for best practices to recommend configuration improvements
- Integration with Amazon Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE) infrastructure, analyzing Kubernetes audit logs, applying custom detection logic to malicious or interesting activity, and providing remediation recommendations
- Integration with a portfolio of run-time container security vendors to provide customers more value from the tech they already use

Expel MDR for Kubernetes also aligns to the MITRE ATT&CK framework, providing Expel-written detections that learn and adapt based on activity in the environment, helping customers address Kubernetes threats and apply best practices to track Kubernetes security posture over time, Expel said. Expel MDR for Kubernetes is available now.

Organizations face significant Kubernetes security challenges

Red Hat’s 2022 State of Kubernetes security report highlighted the biggest Kubernetes security threats and challenges impacting businesses, based on survey results from more than 300 DevOps, engineering, and security professionals. It discovered that 93% of respondents experienced at least one security incident in their Kubernetes environments in the previous 12 months, sometimes leading to revenue or customer loss. A combination of likely contributing factors was cited, including a lack of security knowledge about containers and Kubernetes, inadequate or unfit security tooling, and central security teams unable to keep up with fast-moving application development teams.

Detected misconfigurations were the top security incident cited (53%), followed by major vulnerabilities (38%), runtime incidents (30%), and audit fails (22%).
The report also highlighted a stark discrepancy over which operational roles primarily own Kubernetes security, with just 16% of respondents identifying the central IT security team as holding responsibility for Kubernetes security. In 2021, the US National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint document entitled Kubernetes Hardening Guidance to help organizations deal with security in a containerized environment, which is more complex than traditional, monolithic software platforms.