Original Article

BOSTON and TEL AVIV, March 1, 2023 -- Ermetic, the cloud infrastructure security company, today announced its Cloud Native Application Protection Platform (CNAPP) now provides automated capabilities that enable customers to discover and fix misconfigurations, compliance violations, and risky or excessive privileges in Kubernetes clusters. Unlike traditional Kubernetes security tools, Ermetic combines signals from the platform’s cloud workload protection (CWP), infrastructure as code (IaC) scanning, cloud security posture management (CSPM) and cloud infrastructure entitlement management (CIEM) functionality to provide full context visibility into threats…

The Cyber Hut Comment: Ermetic have updated their cloud infrastructure security product with some enhanced monitoring and visibility tools. In the “modern enterprise”, visibility is becoming a big issue: a lack of knowledge around identity profile data, permissions data, behaviours, service and API usage and access all start to become major issues.

What Ermetic have added is a sort of meta-monitoring - that takes in data from the Kubernetes API focused on cloud workload protection (CWP), infrastructure as code scanning (IaC), cloud security posture management (CSPM) and cloud infrastructure entitlements management (CIEM) components.

Ermetic argue that by just analysing those components in their singularity, resulted in a high degree of false positives, making investigations ineffective and time intensive.

The concept is to accelerate the identification of mis-configuration of the infrastructure - which seems to becoming a major concern - either via complexity, lack of training, poor process or a lack of controls assurance. A secondary benefit is to be able to prioritise remediation steps as more information is available.