Portshift Identity-based application protection
Cloud Security Innovation of the Year
Entry Description
Portshift is an identity-based cloud workload protection platform that secures applications from CI/CD to runtime. Portshift enables organizations to know which applications are running on their cloud environments, to see and enforce how the applications communicate and to easily find information that is associated with their development and deployment cycles enabling DevOps teams to orchestrate security as part of their day-to-day job. Portshift's unique model introduces security that is decoupled from the network and operations that is decoupled from security. Portshift was spun out of think tank and company-builder Team8.

Portshift visualizes all workloads running on your clusters, both those that you created, and unknown ones. You can immediately see any workload with its associated CI/CD metadata, including its connections. All unsigned workloads will be immediately marked and blocked. Through intuitive policy management, administrators create security policies to control which workloads run in Kubernetes clusters and block unknown workloads. Policies are user-readable in plain language, so you won’t get bogged down with complicated tech terms, or myriads or overlapping and confusing rule statements. Portshift also offers a “Policy Advisor” that suggests additional best course of action policies for automatic enforcement.