How to empower IT security and operations teams to anticipate and resolve IT issues
Any IT system administrator knows the misery of dealing with a problem whose root cause requires hours (and sometimes days) to be unearthed, while part of the IT infrastructure entrusted to him is unavailable to users, open to attack or not compliant with mandatory security standards.
Digging through vast piles of online documentation — knowledge base articles, tech specs, best practices, security guidelines, forum posts — eventually leads them to the right answer, but at what cost?
As virtualization professionals and former IBMers who focused on managing VMware environments for enterprise customers, the founders of Runecast know the pain (and cost) all too well. So in 2014, they set out to build a platform they themselves would have loved to have when they worked for the company.
The question of how to increase transparency and unified visibility across all platforms in a broader enterprise technology stack is an ultimate problem facing not only security and IT operations teams, but also CISOs and the CIOs.
Runecast is a patented enterprise computing platform created for admins, by admins, and tailored to the needs of those teams and business leaders.
Most importantly, it’s a proactive platform to help IT admins anticipate potential issues before they become a headache and resolve potential issues before they cause downtime. services or exploitable vulnerabilities.
The purpose is reflected in the name of the company and the platform: throwing (throwing) runestones is how some cultures have attempted to predict the future that would occur if no changes were made to the here. Runecast Analyzer does precisely that and then provides actionable solutions to avoid damaging situations.
Its power lies in Runecast AI Knowledge Automation (RAIKA), a technology that uses natural language processing (NLP) to explore and analyze the previously mentioned mountain of available unstructured sources of knowledge to turn them all into machine-readable rules.
RAIKA connects to many different sources: knowledge base articles, online documentation, forums, blog posts, and even influencer Twitter accounts.
“There are ‘influencers’ in the virtualization community who post or tweet about specific issues even before they are officially recognized by the vendor,” said Stanimir Markov, one of the co-founders. of Runecast and current CEO, at Help Net Security, and pointed out that this is one of the things that allows Runecast to be proactive.
Some of these knowledge sources are more structured (eg, hardware compatibility lists) and some less (eg, blog posts or knowledge base articles), he explained. In the first case, the creation of the rules is fully automated, but in the second, the rules are validated by humans to ensure that they do not send incorrect rules to clients.
RAIKA feeds the rules into Runecast Analyzer’s patented rules engine, which analyzes millions of interdependent objects that represent an organization’s IT infrastructure and, based on the rules produced by RAIKA, isolates groups of interdependent objects that have risky configurations that could cause a server to hang, a vulnerability to arise, or non-compliance with a security framework.
All of this happens transparently in the background and the results are automated, proactive guidelines that IT admins can act on.
A single platform to secure everything
runecast analyzer was initially a VMware-specific analytics tool, but as more organizations started using cloud services and containers, Runecast decided to turn it into a platform for administrators to analyze and oversee the security of their:
- On-premises VMware environment
- Private and/or public clouds (AWS, Azure, VMware on AWS)
- Kubernetes clusters, and
- Windows and Linux machines (on-premises or in a public, physical or virtual cloud).
The Runecast Dashboard shows a complete hybrid IT environment, revealing the most critical areas to prioritize, so the team knows precisely what to work on next.
Runecast Analyzer is used by IT security and operations teams to simulate and plan infrastructure upgrades, troubleshooting, fixing misconfigurations, and for managing and remediating vulnerabilities through standard tools such as PowerCLI, Ansible or AWS CLI and with auto-generated and well-documented scripts/playbooks.
“They can choose to run these scripts and playbooks immediately or schedule them to run during the next maintenance window. Our experience as admins has taught us that sometimes it’s difficult to get approved changes because all stakeholders need to know exactly what is going to happen during the change window. This is why it is so important that the scripts generated by Runecast are well documented: stakeholders can easily see exactly what the scripts will make and approve changes more easily,” Markov noted.
Other out-of-the-box plugins allow it to work with VMware vCenter Server and ServiceNow (to automate ticket creation). There is also a comprehensive restful API that can be leveraged to pull information from Runecast, run analysis, or perform other actions.
Ultimately, everything is designed to allow administrators to work from the interfaces they already use.
A CSPM solution like no other
The fact that Runecast Analyzer covers VMware, AWS, Azure, Kubernetes, Windows, and Linux sets it apart from similar offerings. Organizations don’t need to get a cloud security posture management (CSPM) product for their cloud(s) and then another IT operations or security solution for their on-premises environments. website; they can just use Runecast for that.
The speed of its deployment also sets it apart.
“It shouldn’t take more than 10-15 minutes to deploy it, connect it to your infrastructure and start seeing results. Runecast comes as a pre-configured, pre-installed virtual appliance, and you can deploy it on your premises or in the cloud,” Markov explained.
Another big differentiator is the platform’s full offline capabilities. Runecast does not upload any data outside of the customer’s organization and can work in locations where there is no internet connection, making it an ideal solution for organizations in the financial services, government and security sectors. the army.
“You can deploy the Runecast virtual appliance in AWS, but it will be your AWS space, not one of our AWS servers, and nothing will come out of your organization,” he clarified.
Finally, the platform also allows organizations to track their level of compliance and adoption of specific regulatory standards – CIS CSC, GDPR, HIPAA, PCI DSS, DISA STIG, NIST, BSI IT-Grundschutz, ISO 27001 and others – across the board. their entire domain. and to be alerted when compliance gaps arise.
“This is how you can continuously track your security posture, and because we provide a historical view of reporting, each time you have an audit, you can easily prove your compliance over time,” he said. he adds.
The future of Runecast
Originating from a niche of demand within VMware environments, Runecast received seed funding before its innovation was recognized in 2019 by the European Union’s Horizon 2020 grant, to expand its coverage to other computing environments reviews. In 2020, it was named Gartner Cool Vendor and won IT awards for Cloud Security Product of the Year and Best Digital Workplace.
Companies like Avast, DocuSign, and the German Aerospace Center rely on Runecast for proactive risk mitigation, security compliance, operational efficiency, and strategic stability.
Runecast is always working on improving its platform. The latest additions are its operating system scanning capability (Windows and Linux) and Config Vault, a feature that allows administrators to prevent configuration drift.
With large and complex environments, it’s easy to lose sight of the changes made to the environment by the many employees and consultants authorized to make them. Config Vault stores all of the configuration data that Runecast collects with every scan, allowing administrators and security teams to see when something has changed. They can also set a “baseline” and be alerted when deviations from it are detected, as well as check the consistency of their servers’ configuration.
Plans for the future of the platform include more compliance standards against which customers can scan their infrastructure, new operating system scanning capabilities, and an enhanced Kubernetes offering.
“Compared to other technologies, Kubernetes is still relatively new, and administrators and DevOps people are still learning security best practices. One of the important additions we plan to release soon is the ability to Shift Left, which moves security earlier in the development cycle, so Runecast will not only be able to analyze the clusters and containers you currently have, but it will also be able to analyze the patterns you’re using and integrate them into your CI pipeline/ This way you can be sure, even before you deploy the containers, that they will be fully compliant with security best practices,” Markov explained.
Runecast Analyzer’s overall plan can be summed up as “Runecast for everything”, so customers can expect support for other technologies, public clouds and applications.
The boundaries defining organizations’ IT infrastructures are becoming increasingly blurred, and their increasing complexity prevents IT system administrators from overseeing and managing them properly without the aid of automation.
Runecast Analyzer aims to make life easier for IT system administrators by allowing them to be proactive, preventing problems instead of spending hours and days putting out fires, leaving them to focus on optimizing IT environments hybrids necessary for the company.