
News, news analysis, and commentary on the latest trends in cybersecurity technology.
Ermetic Adds Kubernetes Security to CNAPPErmetic Adds Kubernetes Security to CNAPP
The automated capabilities can discover misconfigurations, compliance violations, and risk or excessive privileges in Kubernetes clusters.

Ermetic has introduced new Kubernetes security posture management capabilities to its cloud-native application protection platform (CNAPP). Customers can take advantage of the automated features to discover and fix misconfigurations, compliance violations, and risk or excess privileges in Kubernetes clusters. Ermetic CNAPP provides a detailed inventory of the resources inside all Kubernetes clusters, performs continuous posture assessment and prioritization of risks, and offers remediation guidance, the company said.
The platform queries the Kubernetes API for each cluster and uses agentless scanning and analysis of node configurations and containers. These findings are then combined with signals from the platform's cloud workload protection (CWP), infrastructure-as-code (IaC) scanning, cloud security posture management (CSPM), and cloud infrastructure entitlement management (CIEM) functionality to provide full visibility into threats, the company said. Customers can get a list of prioritized vulnerabilities within the context of cloud configuration, permissions, and network access. Customers can also enforce least privilege for users and services using the internal Kubernetes role-based access controls.
While Kubernetes is powerful for deploying and managing containerized applications across multiclouds, it can also be challenging for security teams to effectively track configuration changes, manage secrets, ensure proper role-based access control, and identify vulnerabilities.
"Existing approaches to Kubernetes security typically provide a siloed view, which results in high false positive rates," said Ermetic's chief product officer, Sivan Krigsman, in a statement.
About the Author
You May Also Like
Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025Shift Left: Integrating Security into the Software Development Lifecycle
Mar 5, 2025