HPE Ezmeral: Uncut

Containerized workloads secure? With Runecast & HPE, yes!

Co-authored by Jason Mashak, the head of marketing at Runecast, and Ka Wai Leung, partner development manager at HPE 


HPE Ezmeral and Runecast, teamwork makes the dream work.

Organizations are adopting containers more broadly for their business needs, moving from testing the waters with small-scale proof of concepts (PoCs) to broader deployments. We see a real mix of workload styles: plain lift & shift (also known as rehosting), refactored apps, and brand new cloud-native apps. While we see this growth in containerized workloads, a significant period of co-existence with more traditional applications is likely.

The speed of new vulnerabilities

While IT operations teams have a great amount of experience when it comes to managing Windows, Linux, storage, networking, firewalls, and virtual machines, modern applications demand a whole new set of skills. Techs are upskilling as they go, because nobody has 20 years of experience in Kubernetes. At the same time, best practices are evolving for even the most mature software. And in the fast-moving world of Kubernetes, things are moving much quicker. Just because things were deployed in line with the best practices six months ago, it doesn’t mean they’re in line with current thinking. Beyond best practices, security is a major concern we hear regularly when talking to customers, especially with containerized workloads.

HPE Ezmeral monitoring/alerting

HPE Ezmeral Container Platform comes integrated with Falco, an open source runtime threat detection engine.  Falco uses community-sourced detection of malicious activity and Common Vulnerabilities and Exposures (CVE) exploits to generate alerts.  In addition, HPE Ezmeral Container Platform also provides a core set of monitoring and alerting capabilities using a combination of Metricbeat data collector, Elasticsearch for search and analytics, and Kibana for dashboard displays. These tools provide IT Ops teams with the kind of metrics they’re used to using when monitoring traditional applications.

With organizations increasingly dependent on HPE Ezmeral for its capabilities in the containers space, it made sense for HPE to partner with Runecast to improve the security capabilities on the HPE Ezmeral Container Platform.  Runecast offers an analyzer that provides insights to container security compliance and improves the stability of mission-critical IT applications as they migrate to modern cloud architecture.

Runecast Analyzer Automated Audits

Runecast Analyzer complements the base Ezmeral Container Platform monitoring features with analysis of best practices and security compliance checks. Not only does it do this for container-based workloads, but also for workloads running on more traditional platforms like VMware’s vSphere, vSAN, NSX, Horizon, and VMware Cloud Director. At the same time, these same capabilities are available for AWS and Microsoft Azure – all from a single interface. Organizations can leverage Runecast Analyzer as a central security and compliance management console for both container and non-container environments.

At launch, Runecast Analyzer provides continuous analysis of the infrastructure supporting your workloads. It includes the above mentioned best practices (as detailed by the Cloud Native Computing Foundation, the maintainer of the Kubernetes open-source project) and security compliance checks against the latest benchmark from the Center for Internet Security (CIS). CIS has long been the go-to organization for frameworks that improve your security posture, providing coverage for many technologies including Kubernetes, vSphere, AWS, Azure, and more. Runecast Analyzer provides full coverage for the entire CIS Benchmark for Kubernetes with 71 individual cross-referenced checks against your entire Kubernetes environments (highlighting the where, why, and how to improve your security posture.)

Teamwork makes the dream work!Teamwork makes the dream work!Runecast Analyzer provides IT organizations with a common tool for monitoring VMs, cloud, and HPE Ezmeral Container Platform applications. Having a common tool minimizes the learning curve for IT operations teams in adopting Kubernetes and helps IT administrators deploy and manage VMs, containers, and cloud environments at scale and with confidence.

The joint HPE and Runecast solution helps companies confidently run cloud-native workloads on the HPE Ezmeral Container Platform. By automating security, compliance, and monitoring for a secure DevOps workflow, developers and platform teams can help maximize their application release velocity on HPE Ezmeral Container Platform.

Get started today!

To learn how Runecast can help you monitor and improve the security of your mission-critical IT applications, visit www.runecast.com..

You can find Runecast Analyzer on the HPE Ezmeral Marketplace and deploy it natively to HPE Ezmeral Container Platform.

Also, learn more at:

About the authors:

JasonMashak-headshot.jpgJason Mashak is the Head of Marketing at Runecast, where he is responsible for optimal communications about the role of Runecast Analyzer in stabilizing and securing mission-critical IT environments from sea to space.


Twitter: @jasonmashak



Ka Wai Leung is part of the HPE Software Business Unit’s Partner Enablement team. (See bio above right on this page.)  https://www.linkedin.com/in/ka-wai-leung-788b851/ 

Hewlett Packard Enterprise


0 Kudos
About the Author


Ka Wai Leung is part of the HPE Software Business Unit Partner Enablement team. He has extensive background in developing container solutions throughout his career at HPE