Red Hat Advanced Cluster Security for Kubernetes Managed Service logo

Red Hat Advanced Cluster Security for Kubernetes

Red Hat Advanced Cluster Security for Kubernetes Managed Service logo
Red Hat Advanced Cluster Security for Kubernetes Managed Service logo

Red Hat Advanced Cluster Security for Kubernetes

By Red Hat Inc

Certified enterprise ready

Red Hat Advanced Cluster Security for Kubernetes provides a Kubernetes-native architecture for container security, enabling DevOps and InfoSec teams to operationalize full life cycle Kubernetes security.

Runs on

OpenShift 4.6

Delivery method

Operator

Rating

Review rating of 0Not rated

Advanced Cluster Security for Kubernetes protects containerized applications across build, deploy, and runtime. The platform automates DevSecOps, enforces security policies against risky deployments, and offers runtime threat detection and response.

Visibility

• Delivers a comprehensive view of your deployments, including images, pods, and configurations, • Discovers and displays network traffic in all clusters spanning namespaces, deployments, and pods. Captures critical system-level events in each container

Vulnerability Management

• Scans images for known vulnerabilities based on specific languages, packages, image layers • Correlates vulnerabilities to running deployments, not just images • Enforces policies based on vulnerability details—at build time using continuous integration/continuous delivery (CI/CD) integrations, at deploy time using dynamic admission controls, and at runtime using native Kubernetes controls

Compliance

Assesses compliance across hundreds of controls for CIS Benchmarks, payment card industry (PCI), Health Insurance Portability and Accountability Act (HIPAA), and NIST SP 800-190 • Delivers at-a-glance dashboards of overall compliance across each standard’s controls with evidence export to meet auditors’ needs • Provides detailed view of compliance details to pinpoint clusters, nodes, or namespaces that don't comply with specific standards and controls

Network Segmentation

• Visualizes allowed vs. active traffic between namespaces, deployments, and pods, including external exposures • Simulates network policy changes before they’re implemented to minimize operational risk to the environment • Baselines network activity and recommends new Kubernetes network policies to remove unnecessary network connections • Uses network enforcement capabilities built into Kubernetes to ensure consistent, portable, and scalable segmentation

Risk Profiling

• Visualizes allowed vs. active traffic between namespaces, deployments, and pods, including external exposures • Simulates network policy changes before they’re implemented to minimize operational risk to the environment • Baselines network activity and recommends new Kubernetes network policies to remove unnecessary network connections • Uses network enforcement capabilities built into Kubernetes to ensure consistent, portable, and scalable segmentation

Pricing summary

Plans starting at

View all pricing options

Visibility, Vulnerability Management, Compliance, Network Segmentation, Risk Profiling

Configuration Management, Runtime detection and response, Integrations

2 Cores or 4 VCPUs per year - Includes Premium Support