The Cloudanix Container Security capability provides a dashboard to help you scan images for vulnerabilities and detect runtime threats and unusual behavior in your Kubernetes clusters.
Examples of a few of the runtime threat detection rules:
Files added or modified in sensitive directories
SSH into a container
Modifications to shell configuration files
Attempts to read sensitive files that contain credential information
Crypto mining
The Cloudanix dashboard provides an interactive interface that displays the mapping between threat events and associated workloads (container, pod, and node). Cloudanix also builds a correlation between Runtime Threats and Image Vulnerabilities.
There are multiple capabilities offered as part of the Container Security product.
The Runtime Threat Detection capability is offered as a Helm chart that sits next to the cluster workloads for deeper visibility and analysis into system-level calls.
Pick a cluster where you would like to install the container security capability.
Install Helm on your local machine if it is not already installed; see the “Steps to Install Helm” section for steps. Any version below 3.9.0 should be okay. Version 3.9.0 is known to raise invalid APIVersion errors during installation of Helm charts. Reference: https://github.com/helm/helm/issues/10975
For the Container Security integration, the team member should be able to connect and install Helm charts.
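The prerequisites above can be checked before installing the chart. The following pre-flight script is an added example, not Cloudanix code: the function names are hypothetical, and it assumes "connect" means the current kubectl context can reach the chosen cluster. Versions above 3.9.0 are reported as unverified because this page only covers versions below 3.9.0 and 3.9.0 itself.

```shell
#!/bin/sh
# Added example: pre-flight check for the Helm prerequisite.
# Function names are hypothetical and not part of any Cloudanix tooling.

# classify_helm_version VERSION  (e.g. the output of `helm version --short`)
# Prints one of:
#   ok          below 3.9.0
#   known-bad   3.9.0 (pre-release builds of 3.9.0 are conservatively included)
#   unverified  above 3.9.0, which the page does not cover
#   invalid     not a MAJOR.MINOR.PATCH version
classify_helm_version() {
    v=${1#v}         # drop the leading "v"
    v=${v%%[+-]*}    # drop build metadata or pre-release suffix
    case "$v" in
        *[!0-9.]*|""|*..*|.*|*.) echo invalid; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $v        # split on dots into positional parameters
    IFS=$old_ifs
    [ $# -eq 3 ] || { echo invalid; return 0; }
    if [ "$1" -lt 3 ] || { [ "$1" -eq 3 ] && [ "$2" -lt 9 ]; }; then
        echo ok
    elif [ "$1" -eq 3 ] && [ "$2" -eq 9 ] && [ "$3" -eq 0 ]; then
        echo known-bad
    else
        echo unverified
    fi
}

# preflight: check the local helm binary, then that the current kube context
# can reach the chosen cluster (assumed meaning of "connect" in this example).
preflight() {
    command -v helm >/dev/null 2>&1 || { echo "helm: not installed"; return 1; }
    status=$(classify_helm_version "$(helm version --short 2>/dev/null)")
    echo "helm version: $status"
    [ "$status" = ok ] || return 1
    kubectl cluster-info >/dev/null 2>&1 || { echo "cluster: unreachable"; return 1; }
    echo "cluster: reachable"
}

# Run the checks only when invoked as: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```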
Image Vulnerabilities Scanning at Build time Installation:
Image Vulnerabilities Scanning at Build time integrates with CI/CD pipelines. Once integrated, the Cloudanix plugin exports vulnerability findings to Cloudanix. It is used for visibility and also for correlation with runtime workloads and threats in the Cloudanix Dashboard.
Currently, the following CI/CD platforms are supported for integration: