Kubernetes - Lacework
Search
English Français Deutsch
Platform
Environments
Technology
Back
Polygraph® Data Platform
Data-driven protection from code to cloud, all in one place
CNAPPCloud-Native Application Protection Platform Secure across the entire application lifecycle IaCInfrastructure-as-Code Security Fix misconfigurations at the earliest possible point K8sKubernetes Security Find risks and threats in your K8s clusters Container Security Visibility into complex host and container activity
CSPMCloud Security Posture Management Assess risks and optimize your cloud security posture CWPPCloud Workload Protection Platform Monitor workloads continuously for threats Vulnerability Management Find and fix vulnerabilities in build time and runtime Cloud Compliance Streamline audits to meet industry standards
Back
Amazon Web Services (AWS) Simplify security for Amazon Web Services Google Cloud Automate security for Google Cloud
Microsoft Azure Continuously secure Microsoft Azure apps Multicloud Protection across multicloud and hybrid
Back
Data Ingestion See more with combined agentless and agent-based approach Integrations Supercharge productivity by integrating with your existing workflows
Polygraph®: Behavioral Analytics Engine Automatically find and know your normal with our patented machine-learning technology
Get started
Solutions
User Role
Back
HealthTech Protect healthcare data and demonstrate HIPAA compliance Gaming Secure player data while speeding game development
FinTech Prevent cybercrime with safe financial transactions Cloud Security for Startups Automate processes to accelerate small business growth
Back
Security Pinpoint cloud issues, with rich context to act fast
Developer Build faster with continuous security and deep visibility
Get started
Customers

Our Customers

Lacework is trusted by the most innovative companies across the globe.

Explore Success Stories
Customer Success
Customer Support
Pocket Gems protects customer data and improves vulnerability detection

Pocket Gems protects customer data and improves vulnerability detection

Read the Case Study
Get started
Partners

Lacework Partner Program

We are helping our partners build successful and profitable cloud security practices to help meet the adoption of cloud.

Learn More
Channel Partners
Strategic Alliances
Get insights into the current ransomware landscape and best practices to reduce your risk.

Get insights into the current ransomware landscape and best practices to reduce your risk.

Learn more
Get started
Resources

Resources

Learn about Lacework’s modern approach to cloud security with Blogs, Case Studies, Videos, eBooks, Webinars, and White Papers.

Explore Resources Library
Resources & Insights
Training & Documentation
Get insights into some of the main trends in the cloud threat landscape.

Get insights into some of the main trends in the cloud threat landscape.

Cloud Threat Report, Volume 4
Get started
Company

Company

We are changing the future of cloud security with automation and data so our customers can innovate with speed and safety.

Learn more about Lacework
Newsroom & Events
People
Responsibility
Get started

Kubernetes security and visibility

Harden Kubernetes security posture (KSPM), find vulnerabilities, detect unusual behavior, and spot runtime threats.

Solution Brief: Comprehensive, automated Kubernetes security
Polygraph Kubernetes Dashboard
Polygraph Kubernetes Dashboard
Watch Demo
Overview

Highly dynamic and configurable K8s causes security issues

Security risks have become more prominent, as development teams accelerate their use of Kubernetes to achieve speed and efficiency goals.

Complex environments obstruct visibility

Complex environments obstruct visibility

The dynamic nature of K8s creates complexity and blind spots for security and compliance. Secure K8s with comprehensive visibility.

Rules alone cannot protect against threats

Rules alone cannot protect against threats

Rules only find known risks, and can break in K8s environments. Automate security to detect unknown threats without writing complex rules.

Alerts without context are just noise

Alerts without context are just noise

Hundreds or thousands of alerts overwhelm security. Accelerate response time with only a few alerts that provide valuable security context.

The Role of Kubernetes in Cloud Security
White Paper

The Role of Kubernetes in Cloud Security

Read White Paper
10 security best practices for Kubernetes
eBook

10 security best practices for Kubernetes

Read eBook
Benefits

Run Kubernetes with confidence

Accelerate Kubernetes and container usage with security and compliance control from build to runtime, across K8s control and data planes.

  • Secure from the beginning

    Automate guardrails at every stage of the cloud-native application lifecycle and prevent misconfigured K8s resources from being deployed.

  • Deliver secure applications on time

    Empower developers and DevOps teams to secure applications effortlessly within existing workflows and avoid last-minute security delays.

  • Uncover hidden runtime threats

    Gain immediate visibility into unusual behavior and previously unknown and zero-day threats within K8s and running container workloads.

Our Approach

Comprehensive Kubernetes security

Harden K8s security posture, find vulnerabilities, and automatically detect unusual behavior and runtime threats without writing rules.

Secure K8s early in software lifecycle

  • Rapidly find and fix vulnerabilities and misconfigurations within Kubernetes Manifest, Helm, Terraform, and more.
  • Automate security and compliance guardrails at each commit and pull request within GitHub and GitLab repositories.
  • Boost developer productivity with actionable findings and guided remediation that are tightly integrated within existing toolchains and workflows.
  • Dramatically reduce cloud risk by preventing non-compliant and misconfigured Infrastructure as Code from being deployed.

Focus on image risks that matter most

  • Correlate multiple risk factors and combine build and runtime insights to identify which image vulnerabilities matter most in your environment.
  • Automatically detect or block non-compliant container images through the Kubernetes Admission Controller before they are deployed.
  • Perform fast on-demand scans of container images or schedule every 15 minutes using auto-polling.
  • Continuously scan new and existing images within public and private registries.

Harden K8s security posture (KSPM)

  • Automatically discover all Kubernetes assets and resources including workloads, pods, nodes, and more.
  • Harden security posture (KSPM), enforce least privilege, protect secrets, ensure containers are not running as root, and more.
  • Quickly assess compliance with industry best practices and regulations including CIS, HIPAA, ISO, NIST, PCI, and SOC 2.
  • Track assets for 90 days and monitor how workloads, RBAC, and other resource configurations drift over time.

Detect threats in Kubernetes runtime

  • Continuously monitor node, container, and K8s runtime activity and detect malicious behavior that may indicate container escape, lateral movement, and more.
  • Know how K8s clusters, namespaces, and containers are communicating with cloud services, external domains, and other K8s resources.
  • Visualize K8s clusters’ network activity, processes, user behavior, and topology with patented Polygraph® technology.
  • Get automatic alerts on unusual activity and detect unknown threats and zero-day exploits.

Know exactly who is doing what in K8s

  • Continually collect and analyze a massive number of K8s API calls and gain visibility into all user and resource activities.
  • Automatically detect user activity, K8s RBAC, deleted resources, authentication errors, forbidden API calls, and more.
  • Visualize and trace API calls between the source IP address, K8s, and AWS groups and usernames, target resources, and more.
  • Intelligently query Polygraph using multiple terms like actions, namespace, and resource names to focus on specific activity paths.
Cloud security fundamentals

FAQs

What is Kubernetes security?

Kubernetes security prevents internal and external threats from compromising the containers and workloads within your Kubernetes environment. It also quickly detects exploits of vulnerabilities and misconfigurations, and monitors and secures the environment to comply with frameworks and regulations.

Why is Kubernetes security important though the container lifecycle?

Since K8s environments can be challenging to secure given their size, velocity, and ephemeral nature, it is vital to have layered defenses from build through runtime. Effective Kubernetes security offers threat detection, configuration management, and vulnerability checks across the environment.

What are Kubernetes security best practices?

Implementing Kubernetes security best practices can help with the challenges of securing ephemeral environments. Here is a checklist of ten best practices:

  • Monitor and fix IaC at check-in
  • Perform container configuration and vulnerability checks at build time
  • Use strict roles-based access control (RBAC)
  • Harden and isolate nodes and OSes
  • Monitor network connections
  • Monitor ingress endpoints
  • Deploy runtime, agent-based monitoring for host OS and K8s components
  • Monitor Kubernetes audit logs
  • Monitor deployment of new components and workloads
  • Use automation for threat detection

For more information on implementing these recommendations, please check out our eBook: 10 best practices for securing Kubernetes.

Explore these related topics

Resources & Insights

  • Container Security

Ready to see us in action?

Spot unknowns sooner and continuously watch for signs of compromise. Take us on a test drive to see for yourself.

Watch Demo