Magalix 2021 - A Year in Review

Hello friends,

For the world, 2021 was a year of recovery. For us, it was a year of growth. Let me share with you some of the 2021 highlights for Magalix.

A Strategic Shift to the Left - Security-as-Code (SaC)

There have been many changes this year but the most notable of all was our strategic product pivot. In Magalix’s early days, our focus was on optimization - cost and resource - for cloud-native infrastructure.  Our first customers used our platform to save costs and to efficiently use their cloud resources. And many of our initial articles and resources were geared towards exactly

Our many conversations with our partners, investors, customers, and the cloud-native community, have shown us otherwise. While cloud optimization is imperative for the success of any business, small and large alike, we discovered that innovation is imperative in this fast-paced digital world. And innovation is hindered by the complexity of the evolving security landscape of the cloud-native world.  So we turned a new leaf and started a new chapter with security as code.

A New Chapter: Security-as-Code

Security-as-code (SaC) is an effective and relatively new practice to many engineers. We understand that practitioners want to know how they keep their agility while securing their infrastructure and applications with SaC. And as such, we have shifted gears and our focus to SaC.

Securing infrastructure using SaC requires the proper framework, mindset, and platform to make it a shared responsibility and apply it everywhere. And we have taken it upon ourselves to do exactly that - to accelerate the journey for companies to build secure cloud-native infrastructure and applications.

Building The Magalix Platform

1- Security and Compliance Policy Enforcement Platform

We’ve built and solidified the Magalix Policy Enforcement Platform, allowing organizations to build their own security policy or enforce any of the 100s of built-in customizable policies at any stage of the software lifecycle using the Magalix Rego Playground.

2- Product Releases

In 2021, we celebrated some incredible product releases, expanded our security and compliance policy library, and solidified our vulnerability scanning platform. Our product releases included:

Cloud-Native Application Policy Pack This policy pack focuses on the best security and configuration practices to avoid exposing critical databases, endpoints, or any other assets/resources.

PCI DSS Compliance Policies Magalix released PCI DSS compliance policies based on the one-to-one mapping to PCI requirements, covering all 12 PCI-DSS controls.

MITRE ATT&CK Policies for Kubernetes Our growing library of policies now includes the MITRE ATT&CK Matrix for Enterprise policy pack, enabling organizations to establish a security baseline.

GitHub Actions The Magalix platform is now fully integrated with GitHub Actions, giving teams the ability to get early feedback on their infrastructure-as-code (IaC) compliance and security.

Auto Remediation for GitHub Actions we released a new auto-remediation feature for GitHub actions, where security and compliance violations are immediately fixed in real-time. Read more about the feature here.

New Partnership Magalix released PCI DSS compliance policies based on the one-to-one mapping to PCI requirements, covering all 12 PCI-DSS controls.

New Product, New Website, New Look

It’s not only our product offering that has changed. Early in 2021, we completely revamped our existing website giving you, our reader,  a fresh new look, better and more intuitive UX design, and faster. Our product, website, and blog are now focused on the value companies can reap with SaC, shifting security left, codifying security policies, and more.

As part of the website facelift, we’ve updated and completely overhauled Magalix Blog and renamed it to the SaC Hub. The topics we cover changed as well. We started writing more about cloud security, policy-as-code, security as code, and shifting left.

We’ve launched the SaC podcast where we discussed with our guest security, codification of security policies, and how companies can shift left. Some of our guests were Magalixers but most of them were friends in the industry who were happy to share their expertise with our audience.

Check out all of our episodes here.

Magalix has been in business for 2 and a half years. Starting a new venture is hard and challenging but I have been very fortunate to have a great team who have helped shape, define, and grow what Magalix is and get it out there.

We’ve had a full, successful year working in our virtual offices.  To learn more about what the Magalixers have been up to this year, check out this Terrace article.