CAST AI has launched its new Kubernetes Security Posture Management (KSPM) solution. The company claims KSPM blocks 20 times more runtime threats than legacy security tools, a claim that will gather interest from customers and be looked at carefully.
This is CAST AI’s most important announcement since it received $35 million in Series B funding in November. When the funding was announced, the company said it focused on reducing customer costs and optimising cloud resources.
Laurent Gil, CAST AI co-founder and Chief Product Officer, said, “In our Series B funding announcement last November, we committed to expanding our platform’s capabilities and automating even more aspects of Kubernetes management. The launch of our new Kubernetes Security Posture Management solution is a clear example of delivering on that promise.
“What sets this product apart is its evolution from passive monitoring to active defense, with the ability to automatically remediate threats in real-time.”
How will KSPM reduce runtime threats?
KSPM is taking advantage of CAST AI’s Kubernetes Automation Platform (KAP) and using automation to deliver a range of security capabilities. The company says, “it will provide real-time scanning of Kubernetes clusters for misconfigurations, image vulnerabilities, and compliance issues.” Focusing on misconfigurations alone should reduce risk and vulnerability, which is one of the biggest challenges in cloud deployment.
Adding compliance to this list is interesting. It should be part of orchestration controls, but often, it is not. Making it a real-time check should spot deployment issues. The question is, will KSPM be integrated into orchestration engines to automatically correct compliance issues with deployment?
Another capability is fully automated OS patching, which is an extension of security tools already provided by CAST AI. Several other security vendors have mature products in this space. Can KSPM compete with them?
How does CAST AI see KSPM differentiating itself?
Two words – automation and AI. Both are words used by many security vendors today. However, for CAST AI, building KSPM on KAP gives it a mature automation base as a foundation.
When it comes to AI, the company sees this as easing the workload of security teams. In the announcement it states, “Current security tools often focus on alert prioritization, leaving security engineers to manually assess and address threats—a process that is time-consuming and can allow risks to escalate.
“CAST AI’s KSPM bridges this gap by automating threat remediation, enhancing an organization’s security posture while increasing the effectiveness of security teams.”
Enterprise Times: What does this mean?
Since its Series B funding, CAST AI has made two announcements. In April, it announced the launch of its AI Optimizer at Google Cloud Next ’24. KSPM is much more significant and comes with a significant claim that it “blocks more than 20 times more runtime threats than legacy security tools.” Expect that claim to be tested and customers to want to see proof.
It will be interesting to see what CAST AI follows up on this with and how quickly it proceeds with Series C funding or whether it is now able to self-fund.