Dynatrace has announced that it will be expanding its platform by adding new Kubernetes Security Posture Management (KSPM) capabilities. This will facilitate observability-driven security, configuration, and compliance monitoring. The platform's enhancement comes on the heels of the rapid integration of Runecast technology into the Dynatrace platform after the purportedly successful acquisition of the same earlier in the year.

The inclusion of KSPM will empower Dynatrace's existing security defence qualities, such as Runtime Vulnerability Analytics (RVA) and Runtime Application Protection (RAP). In turn, this will bolster cloud-native application protection in the Dynatrace platform. Collectively, these capabilities are set to provide DevSecOps, security, platform engineering, and SRE teams with an innovative solution for security posture and compliance. These teams bear responsible for ensuring the safety of Kubernetes environments.

KellyAnn Fitzpatrick, a Senior Analyst with RedMonk, stressed the importance of this enhancement. “As workloads become more dynamic, integrating KSPM into the deployment lifecycle is essential for the security of Kubernetes environments and adherence to best practices and standards,” she said. Dynatrace's decision to introduce a KSPM solution with real-time vulnerability assessments and contextual security insights aims to enable teams to proactively tackle risks for total visibility into their security posture, compliance status, and potential attack vectors. Fitzpatrick believes that such solutions can increase teams' confidence as they accelerate digital transformation while operating under the assurance that their cloud-native environment is secure.

Dynatrace's innovative KSPM solution, coupled with its existing RVA and RAP capabilities, will enable rapid risk detection in Kubernetes deployments. It will also automatically prioritise remediation based on risk exposure. To achieve this on a large scale, Dynatrace leverages Davis hypermodal AI, combining predictive and causal AI techniques for precision and automation and generative AI for improved productivity. Teams stand to gain comprehensive insights into cloud-native applications across code, libraries, language runtime, and container infrastructure. This will facilitate the strengthening of the security posture of their Kubernetes deployments and ensure compliance with regulatory frameworks and industry best practices, such as those defined by the Center for Internet Security (CIS).

Bernd Greifeneder, CTO at Dynatrace, addressed the current limitations of security measures. “While most teams rely on agentless workload scanning to enable KSPM, this snapshot approach is incapable of providing real-time insights and often causes a frequency of excessive alerts, without runtime context, that waste time and make remediation efforts confusing,” he said. He emphasised the necessity for organisations to evolve their solutions and processes to keep pace with potential threats, including those posed by cloud infrastructure, APIs, and the software supply chain itself. Dynatrace aims to address these challenges by providing an innovative approach to KSPM, offering real-time insights, automated compliance, and actionable advice to teams to decrease risk and resource expenditure.

It is expected that Dynatrace's Kubernetes Security Posture Management will become generally available in the second half of 2024.