.

SUSE: Powering the Most Mission-critical Workloads

Glen Kosaka

Head of Product Security


"SUSE continues to deliver industry-shaping secure and interoperable solutions. We provide the openness and flexibility for customers to use their preferred infrastructure at any time, widening access to cutting-edge innovation and empowering them to move at the pace their business requires. "

For more than 30 years, SUSE, a global leader in innovative and secure enterprise grade open-source solutions, has been relied on by the world’s leading enterprises to power their most mission-critical workloads.

SUSE specializes in three interconnected product families – Business-critical Linux, Enterprise Container Management and Edge solutions. The three areas of this secure technology stack feature a range of solutions that can be deployed in the cloud and on premises to ensure that business critical applications can be run securely.

Our leadership in Linux, cloud-native transformation and edge deployments has driven sustained growth in recent years. Underpinning this performance is a long-standing and industry-leading approach to application security across every layer of the infrastructure. In highly regulated and compliance-driven environments that require a comprehensive and robust end to end security solution, customers look to SUSE Linux Enterprise 15 Service Pack 4 (SLE 15 SP4), which provides customers with the advantages of using one of the world's most secure enterprise Linux platform. Similarly, customers rely on Rancher and SUSE NeuVector to secure modern container-based workloads especially in environments where privacy, financial, and business critical data must be protected from sophisticated attackers.

Application security must be integrated into the entire infrastructure – the stack - as well as in supply chain pipelines which move applications into production. SUSE NeuVector provides a market leading container security platform for ensuring applications are securely built and deployed in the pipeline and protected in production with a zero trust security architecture.

As organizations become increasingly interconnected, supply chain risks are growing faster than ever. SUSE ensures secure software supply chains for our products with a secure, SLSA compliant, open build service (OBS) as well as our customer’s applications to provide a guarded ecosystem for our customers to build, deploy and operate their most critical government and commercial infrastructures.

The appetite for cloud-native transformation continues to grow, and Rancher by SUSE has emerged as the most widely adopted open source project for container management, exceeding 100M Rancher software downloads in FY22. Security sits at the heart of Rancher’s success and, with the recent launch of Rancher Prime, we will be introducing additional security certifications and capabilities for customers.

In 2021, SUSE acquired NeuVector, the industry leader in full lifecycle container security, and under SUSE’s stewardship, it has been transformed into the first truly open source, end-to-end security solution. The NeuVector codebase is now allowing all users to protect application containers in the pipeline and production, addressing critical security use cases across the application lifecycle. The zero trust architecture of NeuVector enables it to provide dynamic application security which is automated into the container pipeline. Unique to NeuVector is deep network visibility and segmentation, a Kubernetes Layer 7 application firewall, data loss prevention (DLP), and web application firewall (WAF). Auditing and compliance capabilities include risk profiling, vulnerability scanning, compliance and configuration auditing, and reporting against standards such as PCI, GDPR, and NIST.

Our user experience is enhanced by simplifying security management for even the largest, most geographically distributed Kubernetes environments. This includes a public cloud provider’s Kubernetes deployment with up to a thousand nodes in a single cluster, as well as edge deployments with hundreds of clusters at the edge.

In addition, the Kubewarden project, created by Rancher and contributed to the CNCF, provides customizable policy enforcement for users to create Kubernetes admission control rules to enforce enterprise compliance, security, and operations requirements.

Security is frequently ranked as the most critical concern of enterprises moving to modern cloud based infrastructures. SUSE products provide a secure ‘stack’ on which to run applications, with NeuVector providing a leading application security solution for the entire application lifecycle. In addition, the products delivered by SUSE must be secure themselves, delivered through a secure software supply chain, and meet strict certification and compliance requirements such as those required for Common Criteria EAL 4+, FIPS 140-3, SLSA level 4 etc.

SLES is being used as a blueprint for future development of cloud native technologies, including spearheading new innovations in Confidential Computing. SUSE will continue to work closely with industry-leading partners – such as Google, AMD, Microsoft, Nvidia – to offer customers maximum Kubernetes security on any platform.

SUSE continues to deliver industry-shaping secure and interoperable solutions. We provide the openness and flexibility for customers to use their preferred infrastructure at any time, widening access to cutting-edge innovation and empowering them to move at the pace their business requires.