Fairwinds has announced the latest enhancements to Fairwinds Insights, the platform that unites DevSecOps teams. The latest version includes enhancements to help DevOps teams manage the complexity of keeping Kubernetes secure, alongside security teams, in ever-changing, agile development and production environments.
Fairwinds Insights’ new security enhancements include Auto-Scan Infrastructure-as-Code to support GitOps – designed for Platform Engineering Managers who need to roll out Infrastructure-as-Code scanning across multiple teams, Auto-Scan automatically discovers and scans YAML files and Helm charts in GitHub Repos and provides automated scanning – without requiring individual CI pipeline integrations. With Auto-Scan, Platform Engineering teams can configure Infrastructure-as-Code scanning in minutes – creating an immediate feedback loop so developers can fix issues faster.
The latest version also helps accelerate remediation by recommending newer versions of third-party images with fewer vulnerabilities. Fairwinds Insights can now integrate security events from the open source runtime container security project, Falco. This provides DevSecOps teams with a single pane of glass for monitoring container security and out-of-the-box integrations for automatically routing incidents to third-party tools like Slack and PagerDuty.
Fairwinds Insights also helps DevSecOps teams achieve compliance with the Kubernetes Hardening Guidance technical report issued by the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency.