Rackspace Technology and oak9 secure Infrastructure as Code and Cloud operations

Offering automates cloud-native application security from design to production.

  • Thursday, 14th July 2022 Posted 2 years ago in by Phil Alsop

Rackspace Technology will offer Infrastructure as Code (IaC) Security Services from oak9 to help businesses secure cloud-native application infrastructure for developers, security teams, and cloud operations across the software development lifecycle.

Oak9 allows organizations to integrate security into existing DevOps processes at repos and orchestrations platforms before they go live in the cloud environment. The Oak9’s Security as Code Platform automatically finds, analyzes, and remediates security and compliance gaps in real-time as changes are detected in IaC and deployed cloud-native workloads.

“Customers continue to migrate away from host-based solutions to cloud abstracted workloads that are difficult for traditional security departments to audit,” said Gary Alterson, Vice President of Security Services at Rackspace Technology. “In collaboration with oak9, Rackspace Technology solves for moving to IaC easier, helping get products to market faster. With this security solution, sprint goals are delivered on time, there are no more stack rollbacks, and it is usable by anyone, not just security experts.”

Increasingly, developers are using IaC to rapidly provision vast cloud-native applications and architectures, but do not have the expertise to ensure their code is secure or compliant, or access to security teams that can review thousands of lines of code. With Infrastructure as Code Security Services Rackspace Technology and oak9 provide the following key benefits:

Design securely from the start: Access to a pre-built catalog of Security as Code blueprints – based on applicable frameworks like SOC2, HIPAA, PCI, ISO, NIST, and more – dynamically assessing every change in cloud infrastructure.

Integrate seamlessly in customer’s CI/CD pipeline: Natively integrates IDEs, code repos, CI/CD, and chat ops tools to give developers immediate security feedback through code.

Continuous monitoring drift detection: Read-only access to customers’ AWS and Azure cloud environments manages drift from intended app design and ensures app architecture remains secure by design.

Workflow notifications & alerting: Developers receive pull requests with suggested changes as they commit infrastructure as code and can decide to pass or fail the pipeline.