Realtime Cloud Detection and Response (CDR) goes beyond traditional platform protection by bringing your security into the here and now. Integrating Panoptica's CDR data collector into your Kubernetes environment provides K8s runtime protection based on Falco.
Panoptica’s renewed Code Security feature enables you to integrate your repositories and scan them for security issues earlier in the development pipeline. In addition to detecting Infrastructure as Code (IaC) misconfigurations, we’ve added enhanced secret detection as well as SAST capabilities to test your source code for vulnerabilities. Panoptica assigns severity levels to the findings in order to present them in an aggregated view.
By default, Panoptica's API Security capabilities monitor authentication and authorization behaviors by tracking security credentials (e.g. BasicAuth and JWT) stored in the standard "Authorization" request header. However, there are other valid locations for authorization tokens, such as cookies or custom request headers.
A recent change to the API Security Controller requires all customers leveraging API Security capabilities to upgrade their API Security Controller to version v0.1.20 or later.
Harnessing the power of generative AI, we have enriched the Attack Path Analysis with two key features:
We’ve added AWS Glue to the growing list of cloud services Panoptica supports. Stay tuned for coming updates that will include related security risks and attack paths.
You can now connect your AWS account to Panoptica using a Terraform script, without visiting the Panoptica console. See AWS Onboarding with Terraform for details.
Improper Inventory Management (API9:2023) is a key concern highlighted on the OWASP API Security Top 10 list. Poor lifecycle management of API specifications can lead to attacks on vulnerable endpoints.
The first release of Panoptica's Cloud Detection and Response engine enables event data collection in real time, based on Falco 0.36.
