New CloudControl Versions Enable Continuous Compliance and Container Security across Private and Public Cloud Infrastructure
MOUNTAIN VIEW, Calif. – April 12, 2018 – HyTrust announced today HyTrust CloudControl 6.0 which includes two new editions to enable consistent, integrated security for containers and virtual machines across private and public clouds. The first edition, HyTrust CloudControl Continuous Compliance focuses on reducing the compliance burden on IT and DevOps teams by addressing the visibility and hardening challenges across multi-cloud infrastructure. HyTrust CloudControl for Container Edition provides the critical security controls mandated by the security team to deploy containers safely in production environments.
As the adoption of cloud computing continues to rise, security remains a top concern with 91% of cybersecurity professionals confirming that they are concerned about security, according to the 2018 Cloud Security report from Crowd Research Partners. We continue to see massive data breaches and Amazon S3 bucket misconfigurations that expose data and create risks that organizations are looking to address as they move workloads to cloud platforms.
“Use of multiple cloud environments is becoming the norm for many companies and with workloads running on-premises and across multiple cloud providers, consistent security becomes difficult,” said Eric Chiu, founder and president of HyTrust. “The top banks, government agencies and providers of healthcare and insurance already rely on HyTrust for workload security and with the new editions of HyTrust CloudControl, organizations can now gain visibility and protect the full lifecycle of VM and container workloads regardless of where they run.”
HyTrust CloudControl Container Edition makes container production deployments more secure and eases the compliance burden imposed on DevOps teams. HyTrust CloudControl Container Edition is built on top of the existing CloudControl platform that provides the same critical security and compliance capabilities for other workloads, such as virtual machines, eliminating the need for a standalone container security solution, security tool sprawl, and most importantly provides comprehensive security and compliance controls for the vertical stack.
Key Capabilities for HyTrust CloudControl Container Edition
- Deployment control allows organizations to assess the integrity of an image via software component analysis and apply “image centric” deployment policies to determine “who” can deploy “what”, “where.”
- Runtime monitoring that scans containers in a production environment for any policy violations.
- Configuration hardening that includes the entire stack from the underlying infrastructure to the Kubernetes Cluster based on the CIS benchmark.
- Management dashboards that provide an all-in-one view of the organization’s security posture across the vertical stack and management systems.
HyTrust CloudControl Continuous Compliance for Amazon Web Services (AWS) includes the ability to protect and prevent accidental exposure or tampering of AWS S3 Buckets, an increasingly common occurrence and major concern of AWS customers. Organizations can strengthen their multi-cloud security posture and reduce the compliance burden by hardening their private cloud (VMware) and AWS, including EC2 instances and S3 buckets with a single solution.
Key Capabilities of HyTrust CloudControl Continuous Compliance for AWS
- Single pane-of-glass view of workload inventory across the multi-cloud environments.
- Workload tagging to segment the environment into different security and compliance zones.
- Comprehensive audit quality logs and reports of all administrative access (‘who’ did ‘what’ and ‘when’).
- Automated continuous configuration hardening with a dual purpose of improving security posture and reducing the compliance burden.
The two new editions of HyTrust CloudControl are built upon the HyTrust CloudSPF principles which include “follow the workload” to ensure that security visibility and policies are consistently enforced across all cloud environments and for all lifecycle phases of the workload—from its creation to its ongoing operations to its final decommission.
HyTrust CloudControl now aligns security, operations and development teams to enable consistent policy for the people, data and infrastructure associated with each workload. Security teams can define a consistent security policy for workloads running on multiple cloud platforms and monitor those workloads to ensure adherence to those policies. IT operations and infrastructure teams can leverage HyTrust CloudControl automation to consistently enforce the security policies defined by the security team or in place for compliance purposes. DevOps teams can enforce and must adhere to policies established by the security team in the container deployment process.
The new editions of HyTrust CloudControl will be available for early access in May 2018. For more information, please visit https://www.hytrust.com.
HyTrust’s mission is to make private, public and hybrid cloud infrastructure more trustworthy for enterprises, service providers and government agencies. HyTrust provides solutions that automate security controls for software-defined computing, networking and storage workloads to achieve the highest levels of visibility, granular policy control and data protection. HyTrust customers benefit from being able to accelerate cloud and virtualization cost savings while improving their security posture by automating and enforcing security policies in real time, adapting quickly to compliance requirements and preventing unplanned outages.
Headquartered in Mountain View, Calif., HyTrust is backed by the leading providers of strategic IT infrastructure including VMware, Cisco, Intel and Fortinet; by the vanguard of innovative solutions for the intelligence community, In-Q-Tel; and by a world-class group of financial investors including AVP Growth, Epic Ventures, Granite Ventures, Sway Ventures, Trident Capital and Vanedge Capital.
Press and Analyst Inquiries