Think of IAM (Identity and Access Management), Firewall, and UEBA (User Entity Behavior Analysis) transparently embedded into every app on the cloud.

You get non-disruptive and high-performance security by leveraging the Linux superpowers of eBPF 

In comparison, proxy and sidecars are not a new concept but add incremental fault domains that disrupt existing connections impact business continuity. Also, you can operate in read-only mode resulting in no modification to current workings.

You can cover your modern hybrid cloud world

However it can also work with legacy. It does not require all sides to have Araali, which enables teams to roll out Araali with confidence slowly. Besides, you can consistently handle heterogeneous environments - VMs, containers, functions orchestrated by any solution on the cloud.

You get all fundamentals of security covered - Authentication, Authorization, and Audit

 A non-repudiable identity is a foundation for authentication. Best of breed security on top of it with granular policies (authorization) stops malware from laterally moving or taking orders from its command and control. It leads to contextual audits and distributed alerts out of the box.  

You get out of the box policies based on a strong identity

The policies are auto-discovered - in dev or staging,  self-managed - auto-created and updated, and portable - created on-prem and usable on any cloud. Policies travel with the app as the app moves across the infrastructure and are identity-based/non-reliant on IPs so they work with immutable infrastructures.

Your team gets simple, prescriptive workflows to enable security

Automation helps customers keep up as every app - customer, 3rd party, open-source - keeps evolving. 

Araali's Claims for Advanced Persistent Threats (APT)

01

Can't move laterally

02

Can't communicate with any other enterprise apps 

03

Can't exfiltrate data or communicate with Command & Control