Concept: California’s startup KSOC Labs (KSOC) has launched an event-driven SaaS (software as a service) platform to identify vulnerabilities, misconfigurations, and security issues in real-time. It can automatically address Kubernetes security issues and enforce least-privileged access control across distributed cluster environments.
Nature of Disruption: By leveraging existing cloud and Kubernetes APIs (Application Programming Interface), the KSOC unified security control plane allows security teams to find and address Kubernetes misconfigurations and vulnerabilities across any cloud without the use of intrusive agents. It can automatically locate and track all Kubernetes assets, on any cloud provider including container registries, clusters, and cloud logs. To detect security concerns in real-time, the platform employs an event-driven architecture. It uses code or distributed policy enforcement to accomplish automatic remediation under security frameworks. KSOC monitors role-based access control actions in the cluster, notifies users of changes, and automatically remediates over-privileged access. It enables users to quickly identify and fix both common and uncommon misconfigurations and vulnerabilities. The platform can generate enforcement policies that are suited to the user’s existing environments and toolchains automatically. It instructs teams on how to use least-privileged access control to restrict access to Kubernetes resources for users.
Outlook: Containerized infrastructure becomes increasingly difficult to manage and secure as businesses grow their cloud-native frameworks. Companies use Kubernetes to assist developers in managing microservice architectures, including the human and machine identities they are responsible for. But its development, on the other hand, has increased the enterprise attack surface, making security a primary concern for enterprises going to production containers. KSOC intends to provide a solution for organizations and technical decision-makers to simplify Kubernetes management, allowing onsite security teams to safeguard Kubernetes and cloud-native infrastructure even if they lack experience managing cloud attack surfaces. In February 2022, the startup raised $6M in a seed funding round led by.406 Ventures. The funding would be used to speed up product development and expand its sales and marketing operations.