Security Experts:

Zettaset Launches Software-Defined Encryption for Kubernetes Environments

Kubernetes-specialist Zettaset has introduced software-defined encryption for Kubernetes-managed containers, improving DevSecOps, enhancing data protection, and enabling compliance.

The use of Kubernetes is growing. A January 2020 survey by the Cloud Native Computing Foundation (CNCF) found that 78% of respondents are using a Kubernetes container orchestration and management platform within their enterprise (up from 58% last year). This increasing use of Kubernetes requires increased and more widespread data protection -- and when it isn't always clear exactly where data is stored (Kubernetes containers are maintained wherever it makes best sense to do so) encryption of that data is the best solution. 

Zettaset Logo

The fluid nature of cloud storage requires a software rather than hardware solution -- and Zettaset has announced its software-defined XCrypt Kubernetes Encryption offering. “The rapid adoption of cloud-native technologies like Kubernetes is forcing IT teams and developers to reconsider the appropriate actions to secure data at-rest,” said Tim Reilly, CEO at Zettaset. “While Kubernetes is great for managing and orchestrating containers, it does not inherently address data protection."

Secrets, included since version 1.7 of Kubernetes, allows for encryption of secret data, such as passwords, OAuth tokens, and ssh keys. But it doesn't provide general encryption of data. "XCrypt Kubernetes Encryption," continued Reilly, "will bring organizations beyond the base encryption functionality of Kubernetes Secrets to help safeguard all sensitive data in these emerging environments, not just tokens and passwords.” Secrets protects secrets, while XCrypt protects data.

Zettaset's offering provides a granular approach to encryption for even complex Kubernetes environments. It integrates directly with Kubernetes with an encryption key for each container volume and automated encryption policy management. The three primary advantages in this approach are easing the transition from DevOps to DevSecOps, improving data protection, and ensuring data compliance.

DevOps is outstripping firms' ability to build in security. "With XCrypt Kubernetes Encryption," says Zettaset, "developers can focus on building applications and driving innovation without worrying about compromising your organization’s overall security posture."

And with increasing data protection legislation around the world, such as CCPA and GDPR, adding to the already heavily regulated healthcare and finance industries, encryption becomes a foundational element of ensuring compliance.

Mountain View, Calif-based Zettaset, founded by Brian Christian, Jeffrey Krone and Michael Dalton in 2009, has raised $13 million in funding, including a $10 million series B funding round in January 2013.

Related: Security a Top Concern as Containerization Gathers Pace 

Related: Public Bug Bounty Program Launched for Kubernetes 

Related: Zettaset Enables Encryption of Data-at-rest in Hadoop 

Related: Misconfiguration a Top Security Concern for Containers

view counter
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.