DEVOPSdigest

Radware announced the launch of Radware Kubernetes Web Application Firewall (WAF), a comprehensive and highly scalable application security solution for Kubernetes-based environments.

Radware’s new Kubernetes WAF enables organizations to secure microservices running on-premise and cloud-based implementations. Within Kubernetes orchestrated microservices ecosystems, Radware applies both a positive and a negative security model so that companies can maximize data and application security. Radware also offers a machine learning based automatic policy generation and optimization engine for Kubernetes environments, and it offers both IT security and DevOps personnel detailed insight down to the pod level.

As organizations turn towards microservices and sophisticated orchestration tools like Kubernetes to speed up their Software Development Lifecycle (SDLC) and thus improve operational efficiency and agility, they suffer from very limited visibility into their containerized environment. Existing security solutions do not fit these environments as they do not provide the required level of automation, flexibility and elasticity. Existing security solutions are cumbersome, resulting in frustrated users, limited protection and significant manual efforts. With Radware’s new Kubernetes WAF, businesses can now protect their applications against major threats such as data theft, encoded and encrypted attacks and API manipulations without compromising the agility DevOps requires to minimize time to market of new or enhanced services.

"Agility is the main reason for businesses and organizations to turn towards microservices and orchestration tools like Kubernetes, but application security has often been neglected as it has limited DevOps' ability to reduce time to market," says David Aviv, CTO at Radware. "With Radware Kubernetes WAF, we are now enabling DevOps to seamlessly integrate application security into their environments without slowing down any of their development or implementation processes."

Radware Kubernetes WAF applies core technology recommended by NSS Labs and certified by ICSA Labs application protection for microservices running within a Kubernetes ecosystem. It supports both positive and negative security models, protecting applications from attacks originating from outside or inside (north-south and east-west traffic) the enterprise. It is highly scalable and automatically grows with the Kubernetes environment, providing strong security without manual intervention. The solution easily integrates with common software provisioning, testing and visibility tools and thus into the CI/CD pipeline to facilitate rapid security provisioning of new services and applications.

Radware Kubernetes WAF also offers an auto policy generation and optimization engine for application security in Kubernetes environments, enabling protection against known threats and zero-day attacks alike. It provides data leakage protection across web applications and APIs and gives both DevOps and Security teams unprecedented visibility including security events and policies, application telemetry, network statistics, performance and minimal latency. The solution enables single termination of TLS traffic only at the host level and thus eliminates the need to manage multiple certificates across different parties. Integrated reporting and analytics provide control to both DevOps and Security teams in a unified portal and interoperability with various open source visibility platforms.