CyberSecurity Manager at a non-tech company with 11-50 employees
Real User
Top 20
2024-07-25T10:29:09Z
Jul 25, 2024
From an improvement perspective, I would like to create new policies in the tool, especially if it is deployed for the prevention part, but currently, we need to do it manually. I hear that Palo Alto is conducting some checks on the containers and documenting the policies to help with the prevention part from our side. I do see that some features associated with the IAST part are not included in the tool, making it an area where improvements are required. I would like to see the features in Red Hat Advanced Cluster Security for Kubernetes, which are similar to the ones offered by Palo Alto Prisma revolving around IAST.
In the instance of each container, when you try to create a new container, you can automate the process using scripts, and JWT can be used as a certificate for each container. The performance of the solution is usually not up to the mark and depends on the use cases. The solution can be used to verify the credentials of an individual who is trying to install a new port or container for the company. The aforementioned verification is a proper way to improve the container when new microservices are being developed in the cluster.
Cybersecurity Architect/System Security Engineer at General Dynamics Mission Systems–Canada
Real User
Top 20
2023-08-21T20:20:36Z
Aug 21, 2023
There is room for improvement in the setup process. All these tools come down to how you're integrating into your environment and having good knowledge of the tool. So that's the biggest problem with all these security tools – you gotta have knowledgeable people to build, integrate, and really flesh them out in your environment to make them work as they should.
Principal Infrastructure Engineer at a logistics company with 10,001+ employees
Real User
Top 5
2023-06-27T10:02:59Z
Jun 27, 2023
The deprecation of APIs is a concern since the deprecation of APIs will cause issues for us every time we upgrade. For a platform maintenance person, it is very difficult since they need to identify, find out, and get the customer to make changes to their application. The aforementioned area can be considered for future improvements in the solution. Stability can be improved in the solution.
Learn what your peers think about Red Hat Advanced Cluster Security for Kubernetes. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Owner/Full Stack Software Engineer at Maraphonic, Inc.
Real User
Top 10
2022-05-11T03:15:34Z
May 11, 2022
They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it. They're trying to create it so that it's easier, like on Cloud Foundry. If you specify some service, you just go to the marketplace on Cloud Foundry and find something you want to create, like a database of a certain size and CPU, and it's automatically created for you. In your application, you just create a manifest file where you specify the name of this source. If you automatically bind the application to that source, that would be like a database. There is no need to manually produce a database. By binding your application to the source, Cloud Foundry automatically creates a connection for you for your source code. So you basically don't use any ODBC or JDBC objects for your source code.
Red Hat Advanced Cluster Security for Kubernetes is a Kubernetes-native container security solution that enables your organization to more securely build, deploy, and run cloud-native applications from anywhere. With its built-in security across the entire software development life cycle, you can lower your operational costs, reduce operational risk, and increase developer productivity while improving your security posture immediately. In addition, Red Hat Advanced Cluster Security...
From an improvement perspective, I would like to create new policies in the tool, especially if it is deployed for the prevention part, but currently, we need to do it manually. I hear that Palo Alto is conducting some checks on the containers and documenting the policies to help with the prevention part from our side. I do see that some features associated with the IAST part are not included in the tool, making it an area where improvements are required. I would like to see the features in Red Hat Advanced Cluster Security for Kubernetes, which are similar to the ones offered by Palo Alto Prisma revolving around IAST.
In the instance of each container, when you try to create a new container, you can automate the process using scripts, and JWT can be used as a certificate for each container. The performance of the solution is usually not up to the mark and depends on the use cases. The solution can be used to verify the credentials of an individual who is trying to install a new port or container for the company. The aforementioned verification is a proper way to improve the container when new microservices are being developed in the cluster.
The solution's visibility and vulnerability prevention should be improved.
There is room for improvement in the setup process. All these tools come down to how you're integrating into your environment and having good knowledge of the tool. So that's the biggest problem with all these security tools – you gotta have knowledgeable people to build, integrate, and really flesh them out in your environment to make them work as they should.
The deprecation of APIs is a concern since the deprecation of APIs will cause issues for us every time we upgrade. For a platform maintenance person, it is very difficult since they need to identify, find out, and get the customer to make changes to their application. The aforementioned area can be considered for future improvements in the solution. Stability can be improved in the solution.
The solution's price could be lower.
The testing process could be improved; it would be great.
They're trying to convert it to the platform as a source. They are moving in the direction of Cloud Foundry so it can be easier for a developer to deploy it. They're trying to create it so that it's easier, like on Cloud Foundry. If you specify some service, you just go to the marketplace on Cloud Foundry and find something you want to create, like a database of a certain size and CPU, and it's automatically created for you. In your application, you just create a manifest file where you specify the name of this source. If you automatically bind the application to that source, that would be like a database. There is no need to manually produce a database. By binding your application to the source, Cloud Foundry automatically creates a connection for you for your source code. So you basically don't use any ODBC or JDBC objects for your source code.