Compliant Kubernetes (CK8s) is a security hardened, CNCF certified Kubernetes distribution that allows organizations to enjoy the benefits of Kubernetes while fulfilling regulatory requirements – all the way from development to deployment to operations and audits.
Compliant Kubernetes brings the best of both worlds to your DevOps and security teams.
Compliant Kubernetes comes pre-configured with CNCF approved open source projects that make life easier at audits and enforce compliance policies for your workloads, helping fulfill regulatory standards like ISO-27001, GDPR, GxP and PCI-DSS. You can both rely on preconfigured templates and best practices and define your own policies to achieve your regulatory goals.
Solving the challenge of being fast and compliant
If you are looking to run a modern, container-based application development workflow using Kubernetes in a highly regulated environment, you might recognize these challenges.
Achieving speed without sacrificing security
Allowing developers to ship code fast seems to run counter to complying with regulations and securing the software development life cycle.
Keeping up with change
Building a fully compliant container platform yourself takes time, and you risk overlooking critical security aspects. Also, keeping in sync with the rapid release schedules of cloud native software requires commitment.
Keeping your cluster compliant over time is a constant uphill battle against developers pushing new features.
Being on top of your compliance status is challenging and proving compliance at audits is time consuming.
Ensure compliance through the whole software development life cycle
Compliance does not start when your applications are deployed to production. Elastisys Compliant Kubernetes shifts security and compliance focus left, providing the means to secure your applications throughout the whole software development life cycle.
Compliant Kubernetes does this by:
- Audit logging the whole container lifecycle
- Analyzing and verifying containers during build, deploy, and run-time
- Providing easy to use management tools for enforcing policies during deployments – ensuring compliance for the whole application lifecycle
- Providing operations and security teams with pre-configured logging, monitoring, intrusion detection, network segmentation, and audit trail capabilities tailored to adhere to the strict security demands placed by regulations like ISO27001, GDPR, and PCI-DSS
Compliant Kubernetes comes pre-configured for compliance and security. It reduces your burden to be compliant with regulations such as GDPR, PCI-DSS, ISO-27001, GxP, and others.
Security and compliance
- Separation of duties through Role Based Access Control (RBAC)
- Secret management
- Automated certificate handling
- Private container repository
- Automated image vulnerability scanning
- Intrusion detection systems (IDS) for alerting in case of breaches
- Preconfigured best practice security policies
- Container sandboxing
- Network isolation and tight firewalls
- Prometheus, AlertManager, and Grafana to monitor applications and the platform itself
- Logging from the platform and applications to ElasticSearch
- Complete Kubernetes API Audit trails
- Authentication integration with Active Directory, SAML, and Google logins
- Enterprise UI, providing a single pane of glass for all services, including all security features
- Integration with popular CI/CD systems such as Jenkins and GitLab
- Deploys on-premise or in public clouds
Compliant Kubernetes provides a single pane of glass into the operational, security and compliance status of your clusters, allowing all stakeholders from DevOps engineers to compliance officers to access the information that is relevant to them.
Want to get involved?
Are you part of a regulated entity that wants speed and cloud-native application development while having world-class regulatory compliance?
Compliant Kubernetes is open source and available on GitHub. The documentation is available on compliantkubernetes.io. Reach out if you want to help extend the platform with, for example, regulatory templates or support for more cloud platforms.