Elastic has announced that it has entered into a definitive agreement to acquire build.security, a policy definition and enforcement platform that leverages the open source standard Open Policy Agent (OPA), to enable organisations to enforce security actions for cloud native environments.
The addition of build.security extends Elastic's Limitless XDR, aiming to enable the enforcement of security actions for cloud-native environments including hosts, virtual machines, and containers orchestrated by Kubernetes.
By integrating the build.security technology into Elastic Security, customers will be able to continuously monitor and ensure that their cloud environments are secure in keeping with the policies they have in place, as well as continuously validate their security posture against well established standards such as the Center for Internet Security (CIS) benchmarks.
For years Elastic has provided millions of developers with powerful, free and open technology, according to Amit Kanfer, co-founder and CEO of build.security.
"We are excited to join forces with Elastic to deliver on the promise of a free and open policy management platform for cloud native environments, from code to cloud to runtime," Kanfer added.
Elastic delivers the industry's only free and open Limitless Extended Detection and Response (XDR), modernising security operations by unifying the capabilities of security information and event management (SIEM) for detecting threats and endpoint security for protecting and remediating issues on all endpoints, including in the cloud, all in a single platform. Limitless XDR is designed to extend visibility across any environment and enables security teams to eliminate blind spots.
According to Shay Banon, founder and CEO of Elastic, the ability for customers to prevent, detect and respond to threats in real time in a single platform since the company's inception.
"We have done this by bringing together SIEM for detecting threats, and endpoint security for protecting and remediating issues on all endpoints, including in the cloud," Banon said.
"We are excited to join forces with build.security to bring open policy management to Elastic Security, and invest in Open Policy Agent and its broad and emerging community."
Build.security's innovative authorisation policy management platform is designed to resolve the complexity associated with building authorisation into applications at deployment time.
Leveraging OPA, an open source, general-purpose policy engine that enables unified, context-aware policy enforcement, build.security technology provides developers with the building blocks they need to quickly generate and manage best-practice authorisation controls across enterprise applications at scale while reducing security vulnerabilities. As a graduated project of the Cloud Native Computing Foundation (CNCF), OPA has shown rapid growth and adoption by the open source community.
Elastic and build.security are aiming to build the ability to manage OPA policies directly in Kibana, enforce OPA policies through the Elastic Agent, and store the results of OPA policy executions within Elasticsearch using the Elastic Common Schema (ECS).
The initial integration with build.security will focus on Kubernetes admission controller, enabling security and compliance at deployment time, and will continue with build-time policies scanning cloud configuration files. The changes are designed to enable users will be able to shift-left and enforce security for their cloud-native applications earlier in the life cycle of their applications.