September 30, 2020
Along with new automated checks for Kubernetes best practices and security standards, Runecast Analyzer 4.5 also introduces ‘Custom Profile’ functionality.
Custom Profiles give Runecast Analyzer users the option to create their own security profiles based on any rules found in existing Runecast profiles. We’re addressing the customers’ needs to comply with enterprise-specific custom standards based on a mix of common industry standards such as NIST, CIS, VMware Best Practices, and any other internal policies.
In Custom Profiles, creating your own baseline of rules is as easy as picking a name for your new profile and copying rules from any list view in Runecast Analyzer over to your new profile.
Once copied to a custom profile, a rule’s properties (such as name or description) can be adjusted. Certain sets of rules (i.e. PCI DSS) in Runecast Analyzer contain customizable parameters. Copying such rules to a custom profile allows adding another degree of customization to your profile.
This new functionality allows you to check continuously against your environment to prove compliance to an auditor based on the rule set applicable for your company policies.
Runecast Analyzer is the first solution that gives you automated insights also for your own internal rules. You don’t need to check your environment manually for any compliance issues, therefore you can get rid of large costs related to manual repetition and associated time investments to achieve security compliance.
We also understand that your security audits may have various intervals and not everything needs to be checked at once. Compliance reporting done over different amounts of rules for various reporting intervals is the best place to bring automation to the game. Runecast has proven time and again that the automated, regular scans can help to keep to the standards that you need.
When managing the infrastructure, it’s common to have custom baselines, rules and often specific custom names, descriptions, internal IDs, and even orders within the profile that are tied to internal processes. These custom changes can make security compliance checks even more challenging, especially with any combination of adherence to industry standards as well.
So the Custom Profiles in Runecast Analyzer were developed to alleviate those challenges, so IT admins can focus their time and energy on more beneficial areas than performing reactive and time-consuming manual checks.
In the Runecast Analyzer 4.5 release, we’ve also added new Kubernetes best practices and security compliance checks – find more about this feature here.