The Capsule8 OSS Sensor is the Open Core of Capsule8 Workload Protection Platform and serves as the basis for many detections within it. The Sensor is designed to collect security and performance data with minimal impact to your containerized and non-containerized servers. It enables you to understand what your production processes are doing in real-time. The Capsule8 OSS Sensor allows you to trust that Capsule8 is safe and viable in your own environment.
HOW IT WORKS The Capsule8 OSS Sensor is exposed via a gRPC API. Unlike other solutions, it doesn’t require a kernel module, so you no longer have the burden of having to instrument Linux tracing in perf. The Sensor provides this monitoring via access to Linux tracing and perf. Because we’re tapped into traditional security data (such as fopen, syscalls, network), and performance data, we were able to rapidly prototype solutions to Spectre and Meltdown.
To download the Capsule8 Open Source Sensor, visit: https://github.com/capsule8/capsule8