The market for containerized applications is growing at a rapid pace. As enterprises embracing Kubernetes as their preferred container orchestrator platform, Many companies and startups are stepping forward to launch their Kubernetes Offerings. Here is a list of seven innovative startups that are making a difference through their Kubernetes offerings.
Kasten.io’s K10 platform focuses on implementing an end to end enterprise-grade data management solution for Kubernetes applications. K10 natively integrates with Kubernetes, bringing advanced data management capabilities to speed up Kubernetes Adoption.
Kasten’s K10 policy-driven data management platform, provides IT teams full control over their data by providing scalable, and secure systems for backup & restore, disaster recovery and mobility of Kubernetes applications.
It provides a native Kubernetes API which provides features like automatic application discovery, Role-Based Access Control (RBAC), OpenID Connect (OIDC), AWS IAM roles, and database integrations for better protection of your enterprise data.
K10’s policy-driven approach resolves vendor lock-in issues enterprise faces. It Provides a governance-based data approach that helps enterprises embrace hybrid cloud and multi-cloud while providing maximum control over their data.
Kasten makes use of its Cloud-Native Transformation Framework, which includes features like lock-free algorithms, pluggable encryption and compression, advanced deduplication, and smaller fault domains to ensure backup efficiency and increased reliability for applications in Kubernetes Environments.
K10’s new Data Transformation Engine also includes additional metadata capabilities, such as intelligent resource transforms that simplifies backup, restore, and disaster recovery, providing enterprises the improved flexibility and adaptability to take their captured data and workloads between Kubernetes environments.
K10’s policy framework and intelligent data capabilities delivered a powerful and reliable Kubernetes solution that provides teams with improved reliability and security.
Alcide, as a Kubernetes startup, is continuously integrating security into Kubernetes infrastructure. It empowers teams to continuously secure and protects their growing multi-cluster Kubernetes deployments from breaches, misuses, and abnormal behavior by using their Kubernetes Offerings.
Alcide Kubernetes Advisor, an agentless Kubernetes audit, compliance, and Istio hygiene check tool, is built to provide a single-pane view for all your K8s-related issues. The entire process is carried over in the background to ensure that you understand and control distributed and complex Kubernetes issues with a continuous and deep analysis of audits, compliance, networks, policies, and threats.
Alcide Advisor is generally deployed early in the development process before moving to production to gather, monitor, and manage all your rule-based policies while providing a high-level picture and granular policy details to ensure the right policies are set protect your Kubernetes workloads.
With Alcide, Kubernetes Network Policies are automatically imported, minimizing the need to manage policies through the Kubernetes native CLI. Alcide Kubernetes Advisor which is also a Kubernetes vulnerability scanner hunts misplaced secrets or excessive secret access to secure Network policies and Istio security configurations.
Alcide Advisor is a pure API based security scanner that supports all Managed Kubernetes (AKS, GKE, EKS), non managed, and on-premises Kubernetes clusters. It provides a single Kubernetes-native security platform for configuration risks, network security events, and a single policy framework. It also provides production protection that automatically discovers, manages, and enforces security policies across multi-cluster environments, enabling the smooth operation of Kubernetes apps.
Harbor is an open-source trusted Kubernetes native container registry startup that is already winning fans in the enterprise. Born in a VMware research center, Harbor has become a go-to solution for securing, storing, and scanning container images and Helm charts.
Harbor adds key enterprise-grade features in authentication and access control such as LDAP, RBAC, two-way replication, and advanced online non-blocking garbage collection to scan container images for vulnerabilities and sign them as trusted for deployment.
This solves many of the compliance, performance challenges enterprises face when deploying Kubernetes clusters into production environments, especially for those who cannot use public registries as a viable option.
Harbor supports Kubernetes out of the box and can be deployed in less than 30 minutes. Harbor can be fully managed through a single web console and comes with a rich set of APIs to secure container images.
Harbor is open source, and it’s geared towards Kubernetes. One of the key benefits as an open-source alternative is that it can serve as a private, as opposed to a public registry. The second main benefit is its flexibility and agility as an open-source registry to integrate with other platforms. While many vulnerability scanners exist that are open source, their integration with platforms is what counts.
Harbor integration with Helm charts is one of its standout features for those who want to run Helm on top of Kubernetes. Previously, developers had to use Helm to deploy their application, while the Helm chart consisted of a bunch of files on a disk. Harbor has integrated Helm charts with the container image to form a consistent management system from which users can check their Helm chart and their container image before deploying them to the Kubernetes cluster.
NeuVector is a California-based startup that provides a complete Kubernetes solution for monitoring, protection, and audits of Kubernetes containers and deployments. The startup has raised $7 million in 2017 by Hummer Winblad Venture Partners and has partnered with key players like IBM, AWS, and RedHat.
NeuVector has developed the first and only Kubernetes security platform that automates container protection by combining firewall security and traditional network security. The platform is a security solution that is delivered as a container itself and is deployed by customers on-premises (or in their public cloud) using their container orchestration tools such as Kubernetes or EKS. NeuVector does not require any SaaS-based offering to secure containers.
NeuVector implements the true layer seven deep packet container firewall to prevent violations and network-based attacks. Attack detection code for DDoS, DNS, SQL Injection, & DLP breaches can run in line to block attacks in real-time without affecting the container’s traffic. NeuVector also monitors file systems and block suspicious processes to prevent exploits & breakouts.
NeuVector automatically discovers all containers, including Kubernetes system containers, and maps their behavior, which helps visualize connections and get a logical and high-level view of containers.
NeuVector Kubernetes security solution supports all major Kubernetes-based management platforms such as Red Hat OpenShift, Rancher, Microsoft AKS, and AWS EKS. Also, NeuVector containers are the only container network security solution certified by Red Hat OpenShift and listed in the Rancher Catalog.
Kublr has enabled enterprises in Kubernetes space to orchestrate clusters across various infrastructures with its comprehensive and easy to use container orchestration platform.
Headquartered in Washington, DC, Kublr provides a Kublr Enterprise platform that speeds up cloud-native adoption for enterprises while maintaining strict security and compliance criteria.
Kublr Enterprise Platform includes multi-site orchestration allowing enterprises to reliably manage multiple clusters across multiple regions, data centers, and clouds speeding up Kubernetes enterprise adoption.
Kublr is committed to keeping the open-source promise while providing enterprise-level support. Their Kublr Enterprise Platform subscriptions are backed by a Source-Available License that provides enterprises control over Kublr’s source code, which can be used as a foundation for the internal development of containerized applications.
Kublr fully automates infrastructure management, enabling High availability of clusters even in cases where the Kublr control plane is temporarily unavailable.
Kublr also offers Kublr Cloud and Kublr Accelerators. Kublr Cloud is a fully-managed Kubernetes service that speeds up container adoption, even if the internal infrastructure is not available by the organization. In contrast, Kublr Accelerators are packaged services that help organizations migrating applications to a new cloud-native environment. It includes processes such as building a CI/CD pipeline and cloud-native stack, as well as operational maintenance.
Styra allows enterprises to easily enforce and validate security across their Kubernetes environments without building them from the ground up. With a synergy of open source and their Declarative Authorization Service (DAS) for Kubernetes. The startup aims to ease down the security and compliance hurdles faced by enterprises during their adoption of containerized applications.
Styra DAS combines webhooks and pod security policies that implement Kubernetes admission control policies and Stacks that simplify the management of policies across clusters. These solutions offer an easy to use library that makes it easier for businesses to create safety barriers to ensure they are always in accordance with regulatory and security standards.
Styra DAS supports mutating webhooks enabling Styra policies to automatically manage relevant parameters to ensure compliance of Kubernetes workloads before they reach into production. Styra DAS can also remediate problems that result in blocked workloads like resource requirements, privilege controls, labels, or network parameters and help reduce human errors and development barriers.
Styra DAS can distribute and save Pod Security Policies(PSP) to accelerate Kubernetes adoption. PSPs are native to Kubernetes, and they allow developers to control access to the host operating system by building safeguards across clusters. Manually implementing PSP on each Kubernetes cluster can result in costly delays due to misconfigurations. Styra eases the process of authoring configurations and distribution across clusters while reducing the human error and time spent on writing PSP’s.
Trilio, a startup aimed to provide data protection and app resiliency for container-based workloads, recently announced a data protection solution TrilioVault for Kubernetes container-based environments.
TrilioVault for Kubernetes provides backup models and supports many storage targets. It was mainly designed to support the scaling and performance of Kubernetes container-based environments across any hybrid or public cloud.
TrilioVault for Kubernetes is based on an agentless architecture that allows API’s to back up and recover an entire Kubernetes application, including its metadata and Kubernetes objects, so it is protected and restorable from any point. It also supports various open-source monitoring and logging tools such as Prometheus and Grafana.
Trilio native support for Kubernetes ensures that IT teams can restore a complex microservices-based application regardless of whether the Kubernetes cluster resides on-premises or in the cloud.
TrilioVault for Kubernetes is offered in various variants from 30-day trial to basic to the enterprise edition. Basic edition is available for up to 10 nodes within a single cluster forever. The Enterprise Edition is available with premium support and is priced on a per-node basis.