What do you think about when people say 'Software Supply Chain Attack'? How far does NIST guidance go in protecting against attacks? And how does a cloud native workload fingerprint work anyway? Get answers next week with Jimmy Mesta 🤙and Chris H.! https://lnkd.in/ewmvuWaD
RAD Security
Computer and Network Security
San Francisco, California 3,453 followers
Signatures are History. Respond earlier with behavioral runtime verification.
About us
In sharp contrast to one-size-fits-all, legacy CWPP and container detection and response solutions, RAD takes a custom, behavioral approach to cloud native detection and response that can counter evolving threats while sharpening inputs into shift-left and posture management.
- Website
- https://rad.security
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Headquarters
- San Francisco, California
- Type
- Privately Held
- Founded
- 2021
- Specialties
- Cloud-Native Security, Kubernetes, AWS, Microsoft Azure, Google Cloud Platform, Docker, Security, cloud security, Kubernetes Security, Kubernetes RBAC, Kubernetes Admission Control, Kubernetes Security Posture Management, Kubernetes misconfigurations, AKS, EKS, and GKE
Locations
- Primary: 584 Castro St #2185, San Francisco, California 94114, US
Employees at RAD Security
-
Greg Dracon
Partner at .406 Ventures
-
Sandeep Bhadra
seed/Series A investor in enterprise/infrastructure software companies
-
Rick Vadgama, CISSP
Chief Information Security Officer (CISO) | Board Member | Security and Privacy Leader | Advisor
-
Jeffrey Friedman
Director of Engineering / Staff Software Eng
Updates
-
We built RAD Security based on the belief that you cannot periodically scan your environment and hope that you are catching everything. We needed to build a modern solution that could detect and respond to today's threats. Check out this 1 minute video on what modern cloud native security means to Jimmy Mesta 🤙
🚀 You've probably heard of Cloud Native Security, but what does it mean in 2024? 🌥️🔒 We caught up with return guest Jimmy Mesta 🤙, CTO and Co-Founder of RAD Security at RSA to understand what Cloud Native Security means today! 💡 Real-Time Security: It’s not enough to scan your environment once a week or even once a day. Real-time insights are critical. You may need tools using eBPF, Kubernetes logs, and cloud metadata to surface contextualized risks. ⚙️ Leveraging Cloud APIs: Utilizing cloud APIs to their fullest extent is key. Building applications that leverage these APIs can significantly enhance security and efficiency. 🛠️ Native Application Stacks: Many organisation containers cycle and rebuild every five minutes or less. By integrating tools like AWS RDS and IAM, you can create application stacks that are truly native to their environments. ✨ Sprinkle of AI: While AI isn't the sole focus, it plays a crucial role in enhancing the effectiveness of cloud-native security measures. If you are interested in Kubernetes and Cloud Native, this episode with Jimmy is a good listen, we have linked the full episode in the comments below #cloudnativesecurity #kubenetessecurity #cloudnative
-
My first encounter with securing Kubernetes in the wild was at v0.8 It was the Wild West back then and while we’ve come a long way, there’s still work to be done! Happy birthday Kubernetes!
🎂 The very first commit of Kubernetes was pushed to GitHub ten years ago today, and the cloud community has never been the same. What a journey! Learn more about the history of K8s and what's ahead in this blog post by Kubernetes: https://lnkd.in/dhYFkmnH
-
From executive orders and directives to SBOM requirements, image signing and scanning, there's been some serious progress on software supply chain security. But where are there still gaps? Learn from Jimmy Mesta 🤙 and Chris Hughes at our upcoming webinar. https://lnkd.in/ewmvuWaD
-
Many of the most helpful innovations come from combining ideas across specialties. 💡 In this whitepaper, we explain the key requirements for the combination of "ITDR" + "cloud native environments" - and here's a hint: detection and response for Kubernetes RBAC requires much more than the list of misconfigurations that come with a CIEM or KIEM solution. 🔦 ☑ Bonus question: Did you know that the term 'Identity Detection and Response' was initially coined by Gartner (thank you for another acronym) to describe protection for identity infrastructure, like Active Directory? ➡ The concept has since evolved to include tools that "help protect identity systems, detect when they are compromised and enable efficient remediation” https://lnkd.in/erjWZAvD
-
If pictures are worth a thousand words . . . what is a product tour worth? 🤔 At a minimum, it's the best way to get a feel for RAD and behavioral cloud native detection and response. 👍 Check it out! https://lnkd.in/ei-bdKrp
-
The latest Cyber Defense Magazine included RAD in "Transformative Innovations" from RSA, featuring both Brooke M. and Jimmy Mesta 🤙 First, on page 35 under Insights from RSA Conference 2024: "I was personally fascinated when Brooke Motta also highlighted the importance of diversity and inclusion in cybersecurity, encouraging a culture that supports women in the field. RAD Security sets itself apart by providing a proactive approach to cloud security, enabling organizations to detect and respond to attacks as they happen, rather than relying on reactive, signature-based detection methods." Then, (page 147) Jimmy Mesta 🤙 wrote "Unlocking the Power of Behavioral Cloud Native Threat Detection and Response", which explains how behavioral detection and response should look in cloud native versus traditional environments. We loved the description of the Transformative Innovations (which included RAD) as "Beyond the Buzz Word AI, the Practical Groundbreaking Stuff." Check it out (it's free)! https://lnkd.in/ex7bnrSi
-
'Ideally, your application doesn't fire an alert at all. Things should just be silent, radio silent, if it's all working as planned.' Intrigued? You should be! Watch the entire video where Jimmy Mesta 🤙and Ashish Rajan 🤴🏾🧔🏾♂️ spell out clearly why detection with runtime signatures is dead, and CSPMs are not enough for Kubernetes Security
Is having a CSPM enough for Cloud Security? At RSA Conference 2024, Ashish sat down with returning guest Jimmy Mesta 🤙, Co-Founder and CTO of RAD Security to talk about the complexities of Kubernetes security and why sometimes traditional Cloud Security Posture Management (CSPM) falls short in a Kubernetes-centric world. We speak about the significance of behavioural baselining, the limitations of signature-based detection, the role of tools like eBPF in enhancing real-time security measures and the importance of proactive security measures and the need for a paradigm shift from reactive alert-based systems to a more silent and efficient operational model. #rsac2024 #cloudnativesecurity #kubernetessecurity
Cloud Native Security Strategies for 2024
-
RAD Security reposted this
I cannot recommend this episode of Cloud Security Podcast with Jimmy Mesta 🤙 and Ashish Rajan 🤴🏾🧔🏾♂️ enough - but I'll take it further than Ashish does when he points out the Kubernetes sized gap in CSPM. Saying you do cloud security posture management without meaningful Kubernetes support is like saying you provide supply chain security but you don't support code. Yes you run other stuff in your cloud, but Kubernetes is the mission control center of modern applications. If you don't think your organization uses Kubernetes, it's time to talk to your developers as soon as possible, because I guarantee you're using it or a similar container orchestration tool. This is why I'm all in on the future of CDR - all the ignored posture management alerts in the world don't stop a single attack on your most critical infrastructure, only innovators like RAD Security (and the few companies that have dedicated the proper focus to K8s https://lnkd.in/esMY-Kgp) provide meaningful security against modern threats. https://lnkd.in/eHcpVVJi
Cloud Native Security Strategies for 2024