Security

Runecast 6.2 Released New Features with Container Image Scanning and GCP support

Runecast 6.2 Released New Features with Container Image Scanning and GCP support. A look at new Kubernetes features, GCP support, OIDC, etc.

Highlights

  • A few versions ago, Runecast introduced the ability to proactively remediate issues found in the environment by offering a way to generate PowerCLI and other code to run in the environment to remediate issues found.
  • Once a container deployment is requested, Runecast takes the template or manifest for the container to be deployed and sends the policy result for the image back to Kubernetes.
  • I have many times referred to the Runecast solution as one of the best products you will stand up in your environment, hands down.

I have written many times about the Runecast Analyzer solution that years ago started as a vSphere-only tool. However, now Runecast is a multi-faceted cybersecurity and compliance tool in addition to providing best practices recommendations and remediations across multiple environments, transcending vSphere. The news of Runecast 6.2 released new features, including container image scanning and GCP support. Let’s look at this release and see what it brings to the table.

What is Runecast?

In case this is the first time you have heard about Runecast, let’s get a brief overview of the solution. Runecast provides an all-in-one appliance that scans your environment for many of the difficult-to-detect problems and issues that may be present, including configuration issues, security issues, and best practices issues across the environment.

A few versions ago, Runecast introduced the ability to proactively remediate issues found in the environment by offering a way to generate PowerCLI and other code to run in the environment to remediate issues found.

As mentioned, the product continues to get better and more powerful with each release, adding more environments and additional scanning capabilities to the capabilities offered in the product. I have many times referred to the Runecast solution as one of the best products you will stand up in your environment, hands down. Its capabilities and quick time to value are hard to find in other solutions.

Runecast 6.2 Released New Features

The new Runecast 6.2 release brings exciting new features to the platform, including the following:

  • Container image scanning
    • Integrate with K8s admission controller to secure your deployment processes or run image scans manually.
  • GCP support
    • Best practices, CIS compliance and configuration tracking.
  • OIDC
    • Login to Runecast with your OIDC identity provider.
  • New security profiles
    • Visit Knowledge profiles section for a complete overview of available profiles

Container image scanning

Unquestionably, Kubernetes security has become a hot topic as more organizations adopt Kubernetes to modernize their business-critical workloads. Without a solution like Runecast, it can be difficult to secure Kubernetes deployments.

With the new Runecast 6.2 release, Runecast now integrates directly with your Kubernetes Admission Controller to provide container image scanning. You can connect to your container deployments from any platform that supports webhooks, directly to Runecast’s image scanning.

It allows enforcing your built-in policies as part of container image deployment. Pull requests must meet the enforcements of the container image policy before they are allowed. Once a container deployment is requested, Runecast takes the template or manifest for the container to be deployed and sends the policy result for the image back to Kubernetes.

Kubernetes container image scanning and other Kubernetes security features with Runecast 6.2
Kubernetes container image scanning and other Kubernetes security features with Runecast 6.2

Another great feature of this process is that Runecast can give visibility to any updates or patches for the image before deployment. This feature allows for remediating any issues before the container is deployed.

GCP support

Organizations today are becoming very “multi-cloud” in their cloud strategies, meaning they are “cherry picking” which hyperscale public cloud environments and services they want to take advantage of, allowing picking the best services from each that align with their business. Google Cloud Platform is becoming more popular among companies for certain solutions and services.

Runecast now supports adding your GCP environment and provides full insights into your GCP deployments. You can now scan your GCP environment against recognized best practices for Cloud Security Posture Management purposes.

You will also be able to measure your compliance against CIS Benchmarks and Google’s own published best practices. In addition, the Runecast Configuration Vault allows seeing changes made immediately helping to gain visibility to configuration drift.

Runecast 6.2 adds support for Goolge Cloud Platform GCP environments
Runecast 6.2 adds support for Goolge Cloud Platform GCP environments

OIDC

Runecast is still very much aligned with traditional operations, including traditional integrations. The Runecast 6.2 release now integrates with Jira and OpenID Connect. This will help to speed along your daily workflows

Runecast 6.2 adds support for OpenID Connect
Runecast 6.2 adds support for OpenID Connect

New security profiles

Runecast 6.2 brings your security protection and visibility to the next level with multiple features and capabilities, including the most robust proactive protection found in any Runecast release.

In Runecast 6.2, the latest Microsoft CVEs and Linux vulnerabilities are combined with:

  • CIS Benchmarks
  • DISA STIG (updated for both Windows and Red Hat Linux Enterprise 8) 
  • Vulnerability scanning and configuration analysis 
  • BSI IT-Grundschutz for Windows (a brand new addition)

Runecast 6.2 has new compliance and security standards for vSphere and Azure, adding DISA STIG for:

This is particularly important for our US customers, who may be constrained to operate under DISA if they use the DoD’s network or use NIST in other government areas.

Security scanning features and environments in Runecast 6.2
Security scanning features and environments in Runecast 6.2
Additional compliance standards functionality in Runecast 6.2
Additional compliance standards functionality in Runecast 6.2

Runecast FAQs

  • What is Runecast? Runecast has become a powerful Cloud Security Posture Management (CSPM) tool that provides cybersecurity scanning and best practices recommendations for a wide range of environments and solutions, including VMware vSphere, AWS, Azure, GCP, NSX-T, Horizon, Kubernetes, and many others. It provides tremendous visibility into very hard-to-detect configuration issues in the environment and makes the very hard “best practices” moving target much easier to hit.
  • Is Runecast free? Runecast offers a fully functional trial version that allows organizations to try out the functionality. You simply fill out the online form and submit it for someone at Runecast to reach out and set up the trial license.
  • What new features are found in Runecast 6.2? The main features, as discussed, are the new container image scanning, GCP support, OIDC, and new security profiles support.

Wrapping Up

Runecast, what can I say, the great keeps getting greater! The new features will undoubtedly be exciting for organizations that are using Kubernetes in their modern application development lifecycle and those that may be using Google Cloud Platform (GCP) for part of their cloud infrastructure. As always, this release’s new security profiles and scanning features are an additional win.

Visit and learn more about Runecast here:

Read my other recent Runecast posts here:

Subscribe to VirtualizationHowto via Email 🔔

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com and has over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, Brandon has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.