News, news analysis, and commentary on the latest trends in cybersecurity technology.

Expel Tackles Cloud Threats With MDR for Kubernetes

The new managed detection and response platform simplifies cloud security for Kubernetes applications.

Dark Reading Staff, Dark Reading

February 15, 2023

2 Min Read
Photo of cranes loading large cargo containers onto the back of trucks
Source: Monty Rakusen via Alamy Stock Photo

Expel unveiled its managed detection and response for Kubernetes offering this week. With Expel MDR for Kubernetes, security teams can quickly detect and respond to security risks in their Kubernetes environments without slowing down the DevOps teams.

Kubernetes is an open source orchestration system that relies on containers to automate the deployment, scaling, and management of applications in cloud environments. The overall container application market is expected to grow to $12 billion by 2028, with Kubernetes driving the majority of spending, according to KBV Research.

Security teams have to recognize that the shift to Kubernetes comes with a new set of security challenges. Misconfigurations (53%) and major vulnerabilities (38%) are the two top security incidents affecting Kubernetes environments, according to Red Hat's 2022 "State of Kubernetes" security report. Security teams are struggling with challenges specific to Kubernetes, including a lack of security knowledge about containers and Kubernetes, inadequate security tooling, and an inability to keep up with DevOps teams.

With Expel MDR, organizations can secure their businesses across their Kubernetes environments and adopt new technologies at scale, Expel said in a statement. Because the new offering aligns to MITRE ATT&CK framework, security teams can quickly remediate issues and build resilience into their networks.

To help organizations stay ahead of pervasive misconfigurations, Expel's offering identifies cluster misconfigurations and references the Center for Internet Security (CIS) Kubernetes benchmark when making recommendations on configuration improvements. Expel MDR integrates with Amazon Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE) infrastructure to analyze audit logs and apply custom detection to alert on malicious activity. Finally, the MDR platform integrates with a runtime container security vendor to get better security insights regarding the devices the users are using — a necessity in "Bring Your Own Tech" shops, Expel said.

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights