Identity-Based Workload Protection for Cloud-Native Applications
Portshift
Category
Data Centre Security/Compliance Vendor of the Year
Entry Description
Portshift is an identity-based cloud workload protection platform that secures applications from CI/CD to runtime. Portshift enables organizations to know which applications are running on their cloud environments, to see and enforce how the applications communicate and to easily find information that is associated with their development and deployment cycles enabling DevOps teams to orchestrate security as part of their day-to-day job. Portshift's unique model introduces a security framework that is decoupled from network and operations, allowing for accelerated software delivery at any scale. Portshift was spun out of think tank and company-builder Team8.

Integrated digital identity in the CI/CD pipeline
Portshift creates a unique identity for each of your workloads at deployment time in the CI/CD pipeline, which is then used to control which workloads are permitted to run in your runtime environments, and the connections they can make with other workloads. By assigning a unique identity to only your known workloads, Portshift can easily spot unidentified, possibly malicious, workloads.

You define runtime policies, in clear user-readable language, that control where workloads can run, and with whom they can communicate. You can also block unidentified workloads from getting a foothold in your environment, or connecting to your workloads.

Portshift can control application processes running in VMs or containers running in Kubernetes clusters.
Supporting Documents