RapidFort Nutanix Collaboration Speeds Compliant Kubernetes for AI Workloads
KubeCon + CloudNativeCon, Amsterdam this year, saw software supply chain security company RapidFort partner with hybrid multicloud computing specialist Nutanix.
Nutanix has a respectable collection of supply chain security offerings of its own; these include Nutanix Security Development Lifecycle (SecDL), Nutanix Life Cycle Manager (LCM), and perhaps Nutanix Data Lens, which offers proactive defense by monitoring for anomalous file activity and providing audit trail.
But the company clearly thinks that you can never have too much supply chain ruggedization on hand, especially when operating out there on the frontier of new Kubernetes deployments.
Kubernetes at Scale, With Speed
The organizations say they will now work to address a growing challenge for enterprises adopting Kubernetes at scale: maintaining speed and agility without expanding security and compliance risk.
The goal here is straightforward enough; the collaboration is designed to enable enterprise teams to deploy hardened containers and accelerated compliance at scale.
Mechanics of the Partnership
RapidFort will integrate its automated software supply chain security capabilities with the Nutanix Kubernetes Platform (NKP) service. RapidFort’s platform and curated near-zero Common Vulnerabilities and Exposures (CVE) images enable users to deploy continuously hardened software artifacts remediated with every release across datacenter, edge and public cloud environments.
As cloud-native developers will know, a hardened container image is a secure template stripped of its unnecessary services to take it back to a minimalist form. It works as a pre-configured guide on the principle of least privilege and it is verified through vulnerability scanning to minimize its attack surface as it works inside any given software supply chain.
“[The mission to deliver] sovereign AI and sovereign cloud demand more than just localized data; they demand a hardened, minimalist software supply chain. Container platforms must prioritize security features that optimize libraries to enable secure-by-default container management approaches, giving customers a streamlined path to compliance in the world’s most demanding digital environments,” said Gary Chen, research director, IDC.
Secured Cloud-Native Workloads
This integration is promised to help organizations running NKP to strengthen the security of their cloud-native workloads while maintaining the speed developers expect. By extending protection into the software supply chain, RapidFort enables teams to build and operate secure Kubernetes environments for modern applications, including AI and generative AI initiatives.
“Integrating RapidFort into the Nutanix Kubernetes Platform gives our customers access to a platform with hardened software artifacts. It’s a big step forward in making Kubernetes environments more secure everywhere they run,” said Dan Ciruli, vice president and general manager for cloud-native, at Nutanix.
Automated Vulnerability Remediation
Ciruli and team remind us that, alongside the security foundation Nutanix already offers (as noted above), this work now extends protection into the software supply chain for cloud‑native deployments running on the Nutanix Cloud Platform solution. With RapidFort’s curated near-zero CVE images and automated vulnerability remediation, data and software engineering teams can deploy hardened cloud-native workloads with dramatically reduced attack surface across on-prem, edge, OEM partner platforms, and public cloud environments.
“The Nutanix Kubernetes Platform meets the enterprise foundation team’s need to run Kubernetes consistently across datacenter, edge, and public cloud,” said George Manuelian, co-founder and CSO of RapidFort. “RapidFort complements NKP by continuously eliminating vulnerabilities and reducing attack surface in the workloads deployed into those environments – so customers can move faster while reducing risk and accelerating compliance.”
The newly integrated RapidFort and Nutanix solution will be available to all NKP customers and users, regardless of tier (Starter, Pro, and Ultimate), this year.
The partnership reduces operational burden through automated vulnerability remediation; provides and security teams with clear, auditable controls for compliance; eliminates reactive patching by fostering a proactive, secure-by-design posture throughout the entire software lifecycle; and secures the supply chain with cryptographic proof of provenance, ensuring the integrity of every library from source to deployment.
