Modern cloud-native computing requires a new architectural approach to security inline with microservice architecture, automatic deployment and orchestration, and modern DevOps practices. Araali leverages an eBPF-based firewall that is automatically orchestrated with your apps to protect your k8s runtime.
Auto-segment your apps to disrupt the kill chain at every k8s app boundary.
Think of IAM (Identity and Access Management), Firewall, and UEBA (User Entity Behavior Analysis) transparently embedded into every app on the cloud.
You get non-disruptive and high-performance security by leveraging the Linux superpowers of eBPF
In comparison, proxy and sidecars are not a new concept but add incremental fault domains that disrupt existing connections impact business continuity. Also, you can operate in read-only mode resulting in no modification to current workings.
You can cover your modern hybrid cloud world
However it can also work with legacy. It does not require all sides to have Araali, which enables teams to roll out Araali with confidence slowly. Besides, you can consistently handle heterogeneous environments - VMs, containers, functions orchestrated by any solution on the cloud.
You get all fundamentals of security covered - Authentication, Authorization, and Audit
A non-repudiable identity is a foundation for authentication. Best of breed security on top of it with granular policies (authorization) stops malware from laterally moving or taking orders from its command and control. It leads to contextual audits and distributed alerts out of the box.
You get out of the box policies based on a strong identity
The policies are auto-discovered - in dev or staging, self-managed - auto-created and updated, and portable - created on-prem and usable on any cloud. Policies travel with the app as the app moves across the infrastructure and are identity-based/non-reliant on IPs so they work with immutable infrastructures.
Your team gets simple, prescriptive workflows to enable security
Automation helps customers keep up as every app - customer, 3rd party, open-source - keeps evolving.
Araali's Claims for Advanced Persistent Threats (APT)
Can't move laterally
Can't communicate with any other enterprise apps
Can't exfiltrate data or communicate with Command & Control