Uptycs Adds Agentless Scanning to Integrated Cybersecurity Platform
Uptycs has added an agentless scanning capability to its platform that combines the capabilities of a cloud-native application protection platform (CNAPP) and an extended detection and response (XDR) solution into a single offering.
Depending on the use case, cybersecurity teams are often forced to choose different cybersecurity platforms when choosing between agent and agentless approaches.
Jack Roehrig, technology evangelist for Uptycs, said the latest version of the Uptycs platform makes it possible to fully scan unmanaged cloud workloads to detect risks such as misconfigurations, policy violations, exposed secrets, vulnerabilities and malware.
Conversely, he noted that organizations can employ an agent-based approach to take advantage of remediation and blocking capabilities based on the behavior of the malware detected.
The Uptycs approach to providing those capabilities will collect normalized telemetry data in a way that can be easily queried regardless of whether an agent is installed, said Roehrig. That capability creates an opportunity to reduce the level of friction that is often encountered when information security, DevOps and IT operations teams attempt to collaborate, he added. Each team is given access to the same data to facilitate collaboration, noted Roehrig.
There has been a long-standing debate over the merits of agentless versus agent-based approaches to cybersecurity. Agents provide cybersecurity teams with more control while agentless approaches don’t impose an additional overhead on an IT environment. Today, however, there are increasing situations where developers have deployed a workload in the cloud on their own without installing any agent software, so an agentless approach makes it possible for cybersecurity teams to assess the security posture of those unmanaged workloads by scanning application programming interfaces (APIs).
It’s not clear to what degree cybersecurity teams might be able to convince developers to add one more agent to application workloads that are already instrumented using a wide range of monitoring agents. In many cases, an agentless approach is the path of least resistance when trying to encourage adoption of DevSecOps best practices. The less impact a cybersecurity platform has on the pace at which applications are being developed and deployed the more amenable DevOps teams will be to embracing it.
Regardless of approach, Uptycs is now a one-stop shop for addressing both approaches to cybersecurity when many organizations are looking to contain cost by reducing the number of cybersecurity vendors they need to engage, noted Roehrig. Uptycs accomplished that goal by providing CNAPP and XDR capabilities within a single platform rather than requiring cybersecurity teams to deploy and manage two separate environments, he added. Uptycs continuously monitors endpoints, server fleets and cloud resources via a single interface accessible to everyone in IT, noted Roehrig.
There is a need for most organizations to revisit their cybersecurity strategies as threats continue to increase in volume and sophistication. The challenge is finding the most cost-effective way to achieve that goal without making any compromises that might come back to haunt an organization later.
