What is our primary use case?
This product is for container-based security. It is a new tool; recently, they have been working independently with some kind of policy-based approach.
So basically, what happens is that the container developer is not focusing much on security. They develop those things and write the code, mainly focusing on the delivery aspects, running the application, and building the logic. But security is an essential part of the organization.
So AccuKnox basically provides security at the pod level so that after the application is developed and running and once it is integrated with AccuKnox, it is integrated with the application for the cluster. For example, if it is GCP Cloud, it provides security posture as well. And if Kubernetes is running on that or on-prem, it can also be integrated. Once that is integrated, it scans the entire cluster and provides security for the container, the application, and the workload. It suggests the best policies that should be used.
For example, if some pods have been exposed or some processes are running that can cause malware or surface attacks, the policy they suggest can be pushed up. Once the policy is pushed up, for example, if some container or cloud application is running with a root user, it means anyone can access all the files and folders.
So, the policy can suggest blocking certain processes or only allowing certain processes or commands in the pod so that no one can attack them. The policy is suggested, and they can apply it. Once the policy is applied to the cluster by AccuKnox, the entire cloud-based application is secure.
So, basically, it is a good tool from a container perspective. It also uses kernel-based security. This tool basically runs on Linux-based machines.
What is most valuable?
AccuKnox is good for integrating or having the flexibility to integrate with certain tools. This is a good thing. Generally, it does not happen because they have a tie-up with GitHub as well.
AccuKnox has placed some of their trial versions with GitHub or GitLab as well. So, if somebody wants container security, they can get their tools for scanning image vulnerabilities and application-related misconfigurations and compliance issues.
AI is being used. AccuKnox has some features that are not ready yet. For example, the product has third-party integrations. For example, ServiceNow and other detection tools. Based on some issues or something, they can have that feature, but it is not ready. It has a feature to integrate some other tools, and also they can integrate the ticketing tool.
For example, if a security-related incident happens, it can be marked as a high-severity ticket, and it can go through. AccuKnox definitely would have something integrated with AI so that it provides the solution along with the problem or incident. This way, someone would not waste time investigating the issue and finding the root cause. They would get that root cause immediately. Whoever is attending the high-severity ticket can work and focus only on the root cause issues. But as of now, AccuKnox is working on that, but it is not ready yet.
What needs improvement?
There should always be some customized reports included. The dashboard is one thing, and the second is a report. Based on that, users can assist their environment.
For example, for some Terraform code, customers want end-to-end things with their tool. They don’t want multiple tools. For a specific purpose, we need to look at different tools. They will look for a solution in one platform only so that the cost can be saved. If we use multiple tools, it means we need to give access to different ports in their environment. It is basically a kind of security compromise happening. Users have a lot of ports being used.
So, basically, users don’t want to use multiple tools. They want a single tool that includes multiple features. The report part was missing.
Also, some kind of clarity [flow clarity] is not in the tool as of now, but they are working on it. For example, if somebody manages the tool in their environment, the tool should be user-friendly. But this tool is not user-friendly as of now. This tool needs some kind of improvement so that new users or new security engineers can understand all the things in a short period of time. They can understand what is happening and how we can provide. They are catching the customer needs and working along with their development team.
For example, some of the policies customers wanted to be placed at the organization level were missing. But AccuKnox has projections as well. Some of the good things they have used are flexible to integrate with other tools. For example, not from the security point of view, but maybe CI/CD, some third-party tools helping out to optimize the container image in terms of being lightweight or having a very low surface level.
Basically, it protects against surface attacks. If a heavier image is used, it takes time to upload and impacts overall application performance. So, some tools are good for optimization.
For how long have I used the solution?
I worked for around three months because they reached out to us for the partner suite approach.
I had a chance to assist them, understand what kind of securities they provided, and determine which stage it fits and how it may be used further. Based on that, we can go with the partner suite. For example, if we had a different client and they asked for security if it would be relevant to them, we can suggest it to them. So, I worked for three months.
I assisted with the use cases we prepared, such as from the PSTN perspective and from policy and point of view or from different layers of security, like CI/CD-related security or supply chain security, which is also an essential part of the CI/CD pipeline. So, I assisted with all the stages and the best use cases for this product and which applications it is best for.
I worked closely with them for three months, as well as with their developers, because this product is basically new and in the initial stages. Some things are missing, but they are trying to catch up.
How are customer service and support?
The customer service and support are good. The response is good. Once somebody has an issue, they can respond immediately. That is a good point.
But the actual solution time should be very short. For example, once I report it they respond, “Okay, we are working on that.” But until the customer gets the solution, they continue to face the problem. So until they have deployed a new version of things, this period of time is long. And the calls, what I understand, they are in the backend because it’s not about the tool. The tool is doing its functionality.
It also depends on the cloud things, cloud knowledge, and cloud-based resource skills they have. So sometimes, there are new clouds also introduced in the market. For example, digital cloud or Alibaba. So they obviously need certain things or some configuration needed. So whoever is working from their development team needs knowledge, skill-based things, or technical things about cloud-based things. So AccuKnox needs time or a sole person who can work with their coding part and support them. And this is basically taking time. But for the most useful clouds, they have resources already available, and they have the free ready meeting also available. And they also provide support quickly.
From the GCP perspective, because GCP is popular nowadays, but the things are not pre-ready in the market or in the platform. So, somebody who looks for the solution on their official website will not get the actual solution. Users need to do some research, and then they will get a solution.
So, actually, it impacts end users to fulfill or meet those customer requirements. AccuKnox is establishing the market, and they have a unique and one of the best tools from a container perspective. The logic or the things AccuKnox uses to protect the container are unique, and no other tool uses this technology. Maybe in the future, somebody can adopt it, but as of now, AccuKnox has one of the best products for container security. That’s my opinion or understanding about it.
Which solution did I use previously and why did I switch?
I’ve worked with Palo Alto. I was in a Palo Alto project. I worked with their development team. Palo Alto is a good tool, widely used in IT companies and other companies from a cybersecurity point of view. But in China, they have some Google-based infrastructure where they develop and so on.
The two platforms serve different purposes. Palo Alto is primarily a network firewall solution, whereas AccuKnox is designed for Kubernetes and container-based applications. AccuKnox focuses on kernel-level security, leveraging tools like AppArmor, SELinux, and BPF (Berkeley Packet Filter). These are built to secure the Kubernetes clusters, which is something Palo Alto doesn't specialize in.
I worked with Palo Alto's Cloud Security Posture Management (CSPM) tool. It focuses on cloud-related security processes, but its purpose is different from AccuKnox. While Palo Alto is great for cloud security, AccuKnox is focused on kernel-level security for container-based environments, which makes it unique in that space. Palo Alto doesn’t have the same level of expertise in kernel security. AccuKnox, on the other hand, has developed its capabilities in this area, particularly around Linux, which is critical for Kubernetes.
How was the initial setup?
We are a service-based company that gets projects. We suggest that this tool is good for security. Then, the customers deploy their engineers, work with it, and then work with this model. But they have pricing.
AccuKnox has a SaaS-based model.
What's my experience with pricing, setup cost, and licensing?
AccuKnox has fixed charges on that. Also, AccuKnox has cluster-based pricing, depending on how many cloud providers you have integrated and how many Kubernetes clusters you have added to its SaaS model.
So, in terms of pricing, if we look for an enterprise solution, sometimes they are only focused on support after the implementation. The rest of the things are very easy. If someone is interested, AccuKnox can provide and follow the SOP, so users can also implement those things. But sometimes, they have some issues or customized requirements. So they work, and they charge separately to fulfill the customized requirements.
Overall, I would give it a six out of ten. The platform is strong in container and kernel-level security, but it still has gaps in network-level security and multi-cloud support. The AccuKnox platform has AI-based features, but those aren’t fully developed yet. For example, they have a GenAI component, but it’s not quite ready for broader, practical use. Basic tasks like calling APIs or building chatbots are easy, but the logic behind their platform’s AI isn’t fully optimized for security purposes yet.
From a security perspective, we need to cover everything—from the hardware and open systems to the kernel, network, cluster, hypervisor, and application levels. It’s a broad area, and no single tool can provide expertise across all these levels. Some companies need mobile-specific security, while others need IoT or chip-level security. AccuKnox has potential but doesn’t yet cover everything. So, considering all these factors, including their technical support and responsiveness, I’d rate the AccuKnox platform a six out of ten.
What other advice do I have?
For container security, AccuKnox is a good tool. But if someone wants more user-friendly features, customizations, or support for new clouds, they might be disappointed. AccuKnox will take time to get there.
My recommendation is also based on the cloud being used, like AWS, Azure, or GCP. Then, users should use it if they are using container-based applications. But if they are looking for other clouds, they should take some time to build up those tools.