Supply Chain Council of European Union |
Supply Chain Risk

Big gains toward IT teams’ efficiency and free edition in the works, says Runecast


A free version in progress, plus more CNAPP capabilities to help customers secure workloads across the ‘big three’ cloud service providers and Kubernetes

Runecast Solutions Ltd. announces additional gains made in the Cloud Native Application Protection Platform (CNAPP) and IT Operations Management (ITOM) spaces to benefit CISOs and CIOs experiencing IT skills shortages within their Security and Operations teams.

As maximum efficiency of teams is one of the best solutions for IT skills shortages, Runecast solves CISO and CIO pain points by enabling their Security and Operations teams to ‘do more with less’ via automated audits for about a dozen of the most common security standards, vendor security hardening guidelines, best practices and vulnerabilities (e.g. VMSAs, CVEs, KEVs). Teams are able to stop firefighting and see – proactively – any configuration drift and vulnerabilities (listed by criticality levels). This helps greatly to offset staff shortages and shifts teams away from reactive approaches that hinder the ability to focus on business growth drivers.

Designed to operate fully on-premises, Runecast can analyze both on-prem and hybrid cloud environments. It functions fully offline (with offline-capable weekly updates) – so that no sensitive data ever needs to leave the organization’s control (e.g. for external support requests). Runecast is designed to require no learning curve and enables teams to proactively address issues before they devolve into inefficiencies, downtime or potential data breaches. “

As CISOs face increasing challenges in the areas of staffing shortages – combined with increasingly complex hybrid IT environments obscuring the transparency of their security posture – there is a move toward greater consolidation of solutions and vendors for organizations’ security needs across hybrid and multi cloud environments,” said Markus Strauss, Head of Product Management at Runecast. “Our customers report 75-90% time savings in the areas of troubleshooting and upgrade planning, and these savings enable them to focus instead on new projects.”

Coming soon: a free edition of Runecast

Runecast wants to give back to the community by providing a free edition of Runecast. The free version will offer Support via the new Runecast Community Hub and functionality will include configuration drift management (Config Vault) and auditing against vendor best practices.

“The idea behind the free version of Runecast will be to offer an essential level of help to IT teams in industries that may not be so heavily regulated for example by needing to comply with various security standards,” said Markus Strauss, Head of Product Management at Runecast.

New trend: adoption of CNAPP for securing the cloud

Organizations in need of complete visibility for complex hybrid or multi cloud environments need the ability to consolidate various tool sets where possible and a solution that requires no learning curve (due to prevalent staffing shortages) to help ensure security compliance across the estate.

CNAPP combines the categories Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP), providing both the proactive monitoring element of CSPM and the protection aspect of CWPP.

It is important for organizations to choose a platform that meets specific needs, which in terms of multi and hybrid cloud environments typically means coverage of multiple vendors and locations visible through a single vendor or a single-platform view. Such a holistic view enables organizations to effectively secure and protect cloud-native applications and remove silos between the large number of tools that an organization might be using to cover all aspects of its infrastructure.

On CNAPP adoption, Mr. Strauss stated, “CNAPP adoption is largely driven by DevOps and DevSecOps teams looking for ways to secure their cloud workloads natively in the cloud, while IT Procurement teams are using it as a catalyst for consolidating spend and opting for the ease of single-vendor purchasing.”

No surprise: Runecast is a leader in the CNAPP space

Runecast has ranked as a ‘High Performer’ in both the Spring and Summer 2022 G2 Grid® Reports for the categories Security Risk Analysis, Cloud Workload Protection Platforms (CWPP), Vulnerability Scanner, Cloud Compliance and Cloud Security.

Runecast provides organizations a proactive approach to security compliance, business continuity and operational resilience – whether on-premises, hybrid multi cloud, containers or OS – providing automated compliance auditing, best practice checks, configuration drift management, vulnerability assessment/management, remediation and reporting for multiple technologies almost entirely agent-less.

For VMware, Runecast continuously scans configuration and logs against known issues, security standards, the Hardware Compatibility List (HCL), VMware Best Practices, Best Practices for Pure Storage and SAP HANA on vSphere, and for vSphere on Nutanix – to help stabilize and secure your VMware infrastructure. VMSAs/CVEs display on the main dashboard to make vulnerability management simple.

“IT teams are aiming to consolidate into a single platform that evolves along with their needs,” said Mr. Strauss. “To provide the means of future-proofing their environments, Runecast integrates cross-technology insights – for AWS, Azure, GCP, Kubernetes, VMware, Windows and Linux – into a single platform.”

For Kubernetes, Runecast has expanded support to allow teams greater visibility into the nodes running on the Kubernetes cluster and greatly increasing the amount of vulnerabilities that customers are able to discover.

Customers can now check for vulnerabilities in all container images deployed across their environment. Image scanning is available for images that have already been deployed, but also as part of the DevOps deployment process (CI/CD pipeline). This allows customers to shift image security to the development process (shift left) to allow for secure development and deployment of container images, in addition to being able to scan images for vulnerabilities that are already deployed.

To learn more about Runecast, contact us for a consultation, or download free trial.


Runecast Solutions Ltd. is a leading global provider of a patented solution for IT Security and Operations teams. Forward-focused enterprises like Avast, DocuSign, and Merck rely on Runecast for proactive risk mitigation, security compliance, operational efficiency and mission-critical stability. Headquartered in London, U.K., Runecast is a Gartner Cool Vendor and has won Computing awards for Cloud Security Product of the Year and Best Place to Work in Digital. To add proactive to your IT strategy, visit

Related posts

EU nations can restrict providers according to new 5G guidelines, Huawei is at risk


‘Wickedest city on Earth’ overrun with prostitutes and booze until disaster hit


House Votes to Ban Trade in Big Cats as Pets and as Props For Roadside Zoos