Runtime Container Security

USE CASE

Runtime Container Security

Containerized environments are capable of dramatic and rapid scale. Modern enterprises leveraging containers need a security solution that can scale with them. Understanding Indicators of Attacks (IOAs) for containers takes a sophisticated solution that can scale as you do. But at the same time, the right solution must work similarly for bare-metal- and VM-deployed applications, with the same detection and protection logic, alert prioritizations, automated response rules, and compliance enforcement policies.

CONTAINER SECURITY

THE CHALLENGE

As you’re moving to containers you need new container-aware runtime controls. Legacy IDS, FIM and A/V tools are not only ineffective, they simply won’t work in containerized environments. You need an incredibly lightweight agent which can protect a container with a sub-second lifespan or one that persists for hours or days. You’ll need a solution which can protect thousands of containers running concurrently. You’ll need a solution which can automatically manage an attack, and gives you the flexibility to determine how to respond. All the while, your business operations need to continue to run smoothly.

The Capsule8 Difference

HIGHLIGHTS

Dynamically Scaling Node Protection

Capsule8 is container-aware. Containerized applications are managed via tools like Docker or Kubernetes (when apps are running on more than one machine). Regardless of how quickly your cluster scales up or down, every node is under Capsule8’s protection.

Superset of IDS/IPS, FIM, and Signature Scanning

The Capsule8 Platform is a replacement for Intrusion Prevention Systems (IPS), File Integrity Monitoring (FIM), and Antivirus (AV). Capsule8 gives you those tools’ key capabilities (and then some), with the addition of real-time protection (even across the most complex, distributed hybrid cloud environments), improved visibility, container-awareness, and transparency and accountability in reporting. By obtaining higher quality data from production systems, we apply controls more effectively.

Comprehensive Alerts

Never guess how an attacker got into your production system. Capsule8 will show you the process lineage, privilege transitions, process renaming details (among others) and will identify which containers are impacted. You’ll be able to trace the details of the kill chain from end-to-end.

Product Overview

Capsule8 is the industry’s only real-time, zero-day exploit detection platform purpose-built for Linux production systems in hybrid environments – whether multicloud, containerized, virtualized or bare metal.

Related Content