Expel managed detection and response (MDR) for Kubernetes enables customers to secure their business across their Kubernetes environment and adopt new technologies at scale without being hindered by security concerns.
“Organizations are adopting Kubernetes as a way to help their developers move fast and scale. This is similar to the historical drive to cloud infrastructure and, just like that drive, it comes with a new set of opportunities, and a new set of security challenges,” explains Matt Peters, Chief Product Officer, Expel.
“We developed Expel MDR for Kubernetes to enable organizations to take advantage of the Kubernetes ecosystem while still protecting what matters to them in today’s constantly shifting threat landscape.”
Kubernetes has quickly become the de-facto standard for automating scaling, deployment and management of containerized applications. According to a 2022 report from KBV Research, the container application market is expected to grow to $12B by 2028, with Kubernetes driving the majority of the spend.
As such, the need for fast, agile, and light-weight application development has become a core competitive requirement, but without incorporating security from the start, risks increase.
Expel MDR for Kubernetes enables teams to detect and respond to security risks in their Kubernetes environments without slowing down DevOps—enabling organizations to focus more on the priorities that matter most to the business.
The offering provides insights across three core layers of Kubernetes applications:
- Configuration: To help organizations stay ahead of pervasive misconfigurations, Expel MDR for Kubernetes identifies cluster misconfigurations and references the Center for Information Security (CIS) Kubernetes benchmark for best practices to recommend configuration improvements—allowing security teams to proactively become more resilient against threats.
- Control plane: Regardless of where a business is on its journey, Expel MDR for Kubernetes turns complexity into clarity. This offering integrates with Amazon Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE) infrastructure, analyzing Kubernetes audit logs, applying custom detection logic to alert on malicious or interesting activity, and providing clear, step-by-step remediation recommendations.
- Run-time security: Expel uses a Bring-Your-Own-Tech (“BYO-Tech”) approach, so customers can maximize return on investment (ROI) with the solutions of their choice. Expel MDR for Kubernetes integrates with a portfolio of run-time container security vendors to get customers more value from the tech they already use.
Expel MDR for Kubernetes also aligns to the MITRE ATT&CK framework, enabling teams to quickly remediate and create resilience for the future. Expel-written detections continuously learn and adapt based on activity in the environment, putting customers ahead of threats and equipping them with the answers and best-practices to track Kubernetes security posture over time.