aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
aster.cloud aster.cloud
  • /
  • Platforms
    • Public Cloud
    • On-Premise
    • Hybrid Cloud
    • Data
  • Architecture
    • Design
    • Solutions
    • Enterprise
  • Engineering
    • Automation
    • Software Engineering
    • Project Management
    • DevOps
  • Programming
    • Learning
  • Tools
  • About
  • Engineering
  • Technology

Announcing New GKE Functionality For Streamlined Security Management

  • aster.cloud
  • November 23, 2022
  • 3 minute read
At Google Cloud, we’re driven by a vision of invisible security, where advanced security capabilities are engineered into our platforms, operations are simplified, and stronger security outcomes can be achieved. As we pursue this ideal, we want to help make security easier to use and manage. Our new built-in Google Kubernetes Engine (GKE) security posture dashboard (now available in Preview) does both, with opinionated guidance for customers that can help improve the security posture of your GKE clusters and containerized workloads. It also includes insights into vulnerabilities and workload configuration checks, and offers integrated event logging so you can subscribe to alerts and stream insight data elsewhere.
https://storage.googleapis.com/gweb-cloudblog-publish/images/1_The_GKE_security_posture_dashboard.max-1900x1900.jpg

The GKE security posture dashboard

Expanding security coverage to your workloads

While a move to Kubernetes provides the foundation for application modernization and developer agility that underpins many organizations’ digital transformation efforts, it can also create new security requirements. Many organizations choose GKE to run and secure containerized workloads because it can help with vital security tasks, including:


Partner with aster.cloud
for your next big idea.
Let us know here.



From our partners:

CITI.IO :: Business. Institutions. Society. Global Political Economy.
CYBERPOGO.COM :: For the Arts, Sciences, and Technology.
DADAHACKS.COM :: Parenting For The Rest Of Us.
ZEDISTA.COM :: Entertainment. Sports. Culture. Escape.
TAKUMAKU.COM :: For The Hearth And Home.
ASTER.CLOUD :: From The Cloud And Beyond.
LIWAIWAI.COM :: Intelligence, Inside and Outside.
GLOBALCLOUDPLATFORMS.COM :: For The World's Computing Needs.
FIREGULAMAN.COM :: For The Fire In The Belly Of The Coder.
ASTERCASTER.COM :: Supra Astra. Beyond The Stars.
BARTDAY.COM :: Prosperity For Everyone.

  • manage patching, hardening, and compliance;
  • enforce security best practices;
  • and provide powerful controls for segmentation and isolation.

In addition to infrastructure security, containerized workload security is also important. When moving to Kubernetes (or any new platform or architecture,) the threat models, controls, and best practices might not be immediately clear or obvious. Moving to Kubernetes is often part of the digital transformation process for many organizations, and organizations wish to avoid speed bumps that slow modernization and innovation. This process can often lead teams new to Kubernetes to consider expensive and complex third-party tooling that they may not need.

Read More  Data: The Rx To Faster, Patient-Centric Clinical Trials

GKE security posture management can enhance the visibility of workload security, delivering “out-of-the-box” foundational security tools that can simplify management, and can help reduce the need for specialized security expertise. We’re now providing these tools at no extra cost to GKE customers.

Container security made simple

GKE leverages industry standards and the GKE team’s security expertise to provide detailed assessments and assign severity ratings. The dashboard can also show you which of your workloads are affected by a specific security concern, and can make suggestions on how to fix the problem.

https://storage.googleapis.com/gweb-cloudblog-publish/images/2_Identifying_workloads_with_security_vuln.max-2000x2000.jpg

Identifying workloads with security vulnerabilities

Workload vulnerability awareness

If you’re drowning in a sea of Common Vulnerabilities and Exposures (CVE) alerts that seem disconnected from your critical workloads, you are not alone. To address this, GKE scans all of your workloads for CVEs in the Operating System at no extra charge every single day, bubbling the most potentially impactful vulnerabilities to the top of the dashboard. These vulnerability findings are mapped directly to your running workloads, with filters and sorting that can help make prioritization and remediation a breeze.

https://storage.googleapis.com/gweb-cloudblog-publish/images/3_Vulnerability_scan_results.max-1300x1300.jpg

Vulnerability scan results

Of course, we also encourage you to “shift-left” and scan for vulnerabilities before you deploy to GKE using tools like Container Analysis, which can automatically scan vulnerabilities in images pushed to Artifact Registry and Container Registry. Implementing vulnerability assessment at runtime can help to highlight the potential impact of newly discovered vulnerabilities.

Workload security misconfiguration awareness

An overly permissive Kubernetes configuration can threaten the overall security of your clusters. The GKE team and industry experts have worked to develop configuration security standards such as the Pod Security Standards. These specifications can help you avoid issues such as running overly-privileged users and unintended host node access.

Read More  Intel Collaborates With Google Cloud To Accelerate Newest VMs

However, it’s not always easy to ensure that your workloads comply with these standards. The security posture dashboard can provide continuous analysis of deployed workload configurations to surface potentially overly permissive configurations and provide you with specific, actionable fixes.

https://storage.googleapis.com/gweb-cloudblog-publish/images/4_Highlighting_configuration_issues.max-2000x2000.jpg

Highlighting configuration issues and providing recommended actions

Used together with policy enforcement tools like Policy Controller, GKE now can provide comprehensive enforcement and awareness tools to help prevent and detect misconfigured workloads.

Get started today

GKE Autopilot already provides a managed Kubernetes experience that can reduce technical expertise barriers with an opinionated, “hands-free” operating mode. GKE now extends this managed experience to the security domain with an opinionated set of standards-based guardrails and integral security tools.

Learn more about our managed platform for containerized applications, which can provide a powerful and flexible Kubernetes experience.


Want to learn how to use Log Analytics powered by BigQuery in Cloud Logging to reduce data silos and use log data for security use cases? Attend our live webinar on Nov 15. Register today.

 

By: Glen Messenger (Product Manager) and Victor Szalvay (Product Manager)
Source: Google Cloud Blog


For enquiries, product placements, sponsorships, and collaborations, connect with us at [email protected]. We'd love to hear from you!

Our humans need coffee too! Your support is highly appreciated, thank you!

aster.cloud

Related Topics
  • Containers
  • GKE
  • Google Cloud
  • Google Kubernetes Engine
  • Security
You May Also Like
View Post
  • Engineering

Just make it scale: An Aurora DSQL story

  • May 29, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Reliance on US tech providers is making IT leaders skittish

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Examine the 4 types of edge computing, with examples

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

AI and private cloud: 2 lessons from Dell Tech World 2025

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

TD Synnex named as UK distributor for Cohesity

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Broadcom’s ‘harsh’ VMware contracts are costing customers up to 1,500% more

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Weigh these 6 enterprise advantages of storage as a service

  • May 28, 2025
View Post
  • Computing
  • Multi-Cloud
  • Technology

Pulsant targets partner diversity with new IaaS solution

  • May 23, 2025

Stay Connected!
LATEST
  • 1
    Just make it scale: An Aurora DSQL story
    • May 29, 2025
  • 2
    Reliance on US tech providers is making IT leaders skittish
    • May 28, 2025
  • Examine the 4 types of edge computing, with examples
    • May 28, 2025
  • AI and private cloud: 2 lessons from Dell Tech World 2025
    • May 28, 2025
  • 5
    TD Synnex named as UK distributor for Cohesity
    • May 28, 2025
  • Weigh these 6 enterprise advantages of storage as a service
    • May 28, 2025
  • 7
    Broadcom’s ‘harsh’ VMware contracts are costing customers up to 1,500% more
    • May 28, 2025
  • 8
    Pulsant targets partner diversity with new IaaS solution
    • May 23, 2025
  • 9
    Growing AI workloads are causing hybrid cloud headaches
    • May 23, 2025
  • Gemma 3n 10
    Announcing Gemma 3n preview: powerful, efficient, mobile-first AI
    • May 22, 2025
about
Hello World!

We are aster.cloud. We’re created by programmers for programmers.

Our site aims to provide guides, programming tips, reviews, and interesting materials for tech people and those who want to learn in general.

We would like to hear from you.

If you have any feedback, enquiries, or sponsorship request, kindly reach out to us at:

[email protected]
Most Popular
  • Understand how Windows Server 2025 PAYG licensing works
    • May 20, 2025
  • By the numbers: How upskilling fills the IT skills gap
    • May 21, 2025
  • 3
    Cloud adoption isn’t all it’s cut out to be as enterprises report growing dissatisfaction
    • May 15, 2025
  • 4
    Hybrid cloud is complicated – Red Hat’s new AI assistant wants to solve that
    • May 20, 2025
  • 5
    Google is getting serious on cloud sovereignty
    • May 22, 2025
  • /
  • Technology
  • Tools
  • About
  • Contact Us

Input your search keywords and press Enter.