Shipa Releases Shipa Insights for Enhancing Kubernetes Security, Compliance, and Workflow EfficiencyJune 1, 2022
Shipa, a cloud-native application API that reduces complexity by unlocking an AppOps model of development, announced the launch of Shipa Insights. Part of the Shipa Cloud platform, the Shipa Insights module provides reporting and metrics that enable DevOps and platform engineering teams to enhance Kubernetes security and compliance policy enforcement across all workloads, and also accelerate their engineering efficiency with actionable data.
Organizations continue to quickly scale their teams and Kubernetes clusters as they modernize their application development. But as they scale, it becomes increasingly difficult for developers to support their own applications and for platform teams to maintain a holistic view of applications deployed by different teams. Without that visibility, it becomes harder to know how to support these applications, and to know how secure they still are.
Shipa Insights solves this challenge by empowering teams to easily understand any workload’s policy posture, support, history, metadata, and integration into incident management. With Shipa Insights, teams can quickly scan workloads to make sure they comply with all current policies, for security scanning and beyond. Importantly, Shipa Insights enables this visibility without requiring changes to even a single pipeline or cluster component.
Shipa Insights also solves the growing problem of existing Kubernetes workloads, where the original engineers are no longer available to provide expertise or a path to insights. While these early workloads receive little to no active development or investment – and engineers prefer not to work on them – the workloads still put the organization at risk if their security and compliance posture is not kept up to date. The lack of visibility (and knowledge) into these complex Kubernetes workloads leaves DevOps and platform engineering teams with an unwelcome and high-stakes chore.
“DevOps and engineering teams leveraging Kubernetes find that progress towards ongoing security and pipeline efficiency goals is hamstrung by yesterday’s workloads,” said Ravi Lachhman, Field CTO, Shipa. “Gaining visibility into these existing workloads and managing their security and operations is a tall task – especially for engineers that would much rather work on modern solutions that move their businesses forward. We’re excited for DevOps and platform engineering teams to see how simple Shipa Insights makes managing both new and existing workload security and compliance, and for them to take advantage of the solution’s illuminating engineering efficiency metrics as well.”
Shipa Insights enables teams to easily discover applications across multiple clusters and exposes all relevant data for teams to support them. It includes Policy Violation Report, which identifies any containers with policy violations across all Kubernetes workloads – and whether or not those workloads are deployed by Shipa. For example, Policy Violation Report would include visibility for a previously deployed container that doesn’t define its CPU and memory requirements. If that container violates more recently established resource-limit and auto-scaler policies, Shipa Insights enables teams to immediately recognize and remediate those issues. Teams can use Shipa to implement or update frameworks to ensure more secure and performant behaviors in at-risk Kubernetes workloads going forward. Importantly, users can gain these visibility and workflow advantages without changing a single thing in their cluster or application delivery process.
Shipa Insights can similarly bolster security protections and compliance by flagging policy enforcement gaps such as unnecessary application exposure, open access ports, workloads pulling images from unsecure sources, unsecure node deployments, and much more. At the same time, Shipa Insights offers visibility into the engineering efficiency statistics for each specific active Kubernetes workload, enabling teams to pursue more insightful optimization.