Kubernetes intros ransomware protection with Kasten’s latest K10 release

Veeam’s Kasten business is launching ransomware protection for Kubernetes-orchestrated containers via the v4.0 release of its K10 software.

K10 is a cloud-native backup and disaster recovery product for the Kubernetes environment. Its developer, Kasten, was bought by Veeam for $150m in October last year.

Niraj Tolia, president and GM of Kasten by Veeam, said in a canned statement: “Malicious actors know that rapid development, gaps in install, and ongoing backup and operations issues can be easy threat vectors for ransomware. The new ransomware data protection capabilities in Kasten K10 plug these gaps, providing an extremely effective defence against ransomware attacks in Kubernetes environments.” 

Kasten’s VP for Product Gaurav Rishi wrote: “Kubernetes environments pose a variety of security challenges, including incorporating untrusted open-source packages when building your containerised app, incorrect privilege assignments when deploying your app, malicious privilege escalations during app execution, and not staying up to date with the latest Kubernetes updates.”

Kasten K10 graphic.

K10 v4.0 features include:

  • Immutability to protect against ransomware, malicious insider attacks, or accidental deletions,
  • Application-centric policies enabling authorised users to create Kasten K10 policies in an application’s namespace for protecting only that specific application,
  • Multi-cluster management – Authorised users can manage their own clusters, create backup policies for their own application namespaces and add secondary clusters directly through the multi-cluster manager,
  • Support for HPE Ezmeral Container Platform, Nutanix Karbon, Red Hat OpenShift, Microsoft Azure Stack, and backup to NFS targets, 
  • Support for data services, including Kafka, Cassandra, and Amazon Aurora using the open-source Kanister framework.

The v4.0 software has immutable object storage backups, with users specifying the retention period during which no data changes can be made. It allows users to choose a variety of target stores, including Amazon S3, MinIO and Scality that support immutability.

Want more information? You can read the K10 v4.0 datasheet here and download K10 v4.0 here.