Uptycs launches agentless cloud workload scanning

CNAPP (cloud native utility safety platform) and XDR (prolonged detection and response ) supplier Uptycs introduced Friday that it has added agentless scanning to its current cloud workload safety platform, which it mentioned will open up a variety of latest use instances and entice new potential clients.

The corporate mentioned that its agentless workload scanning system might be absolutely interoperable with its agent-based Uptycs sensors, offering safety metadata in the identical format and letting customers handle each techniques from the identical administration console.

The concept is to offer flexibility. Agentless, API-based scanning is way simpler to implement than agent-based methods, and gives the flexibility to take a look at everything of an enterprise’s workloads in moments. Uptycs mentioned its system is especially low-touch, asking solely to tug metadata, not precise info, from the shopper setting to offer a snapshot of all exercise in a given setting.

But, due to that snapshot-based visibility, agentless safety doesn’t supply the kind of steady protection that agent-based approaches do. Therefore, for significantly essential workloads, Uptycs mentioned that agent-based sensors could be applicable, backed by agentless “snapshot” protection for the remainder of the setting.

In an official weblog put up accompanying the discharge, the corporate gave the hypothetical instance of an organization that purchases a smaller competitor for a few of its functions, which run in Google Cloud Platform. As an alternative of conducting a full safety audit on the brand new acquisition’s cloud setting, the acquiror can use agentless scanning to get an instantaneous overview and perceive the actual safety dangers posed.

Agent-based and agentless scanning can work collectively

Lawrence Pingree, a vice chairman and analyst at Gartner Analysis, mentioned that the two-pronged method provided by Uptycs is a pretty one for enterprise clients. Whereas there’s nonetheless a specific amount of hesitancy about agent-based safety within the cloud, bundling it together with API-based methods presents one of the best of each worlds.

“The 2-fold method actually … permits them to straddle the hybrid setting,” Pingree mentioned. “Meaning they’re in a position to combine with a number of these cloud companies and get fast worth, and nonetheless provide you with worth on the normal workload or endpoints you’re managing.”

Uptycs additionally incorporates the flexibility to make use of YARA guidelines, that are, in essence, a question language that lets safety groups analyze content material throughout a complete filesystem, and a key software for detecting superior threats. Pingree characterised it as a successor to the idea of malware signatures.

“It’s an trade normal,” he mentioned. “And I’m unsure the place they begin and end on YARA, however it’s positively helpful for scanning for indicators of malicious information and artifacts.”

The usual value for Uptycs’ safety choices is “about $100 per node/asset per yr,” the corporate mentioned, including that an end-of-year sale will present 1,000 managed belongings for $1 for a restricted time. The brand new agentless functionality is out there now.

Copyright © 2022 IDG Communications, Inc.