Runtime Container Security

The Challenge

As you are moving to containers you need new container-aware runtime controls. Legacy IDS, FIM and A/V tools are not only ineffective, but they won’t work in containerized environments. You need a solution that, has lightweight agent which can protect a container with a sub-second lifespan or one that persists for hours or days, that can scale with your company, will automatically manage an attack, and gives you the flexibility to determine how to respond. All the while, your business operations need to continue to run smoothly.

The Capsule8 Difference

Capsule8 finds and stops unwanted activity on Linux systems that jeopardizes your containerized environments. Our detection is crafted with the threat models of containers in mind and pinpoints workloads, not just hosts. Capsule8’s team includes some of the most active researchers in container escapology. To continually test our product’s container protection, we actively develop new container escape exploits for Linux kernel vulnerabilities.

Capsule8 also allows you to create custom policies leveraging container metadata, so you can extend Capsule8’s protection to meet the concerns of your unique environments.

Superset of IDS/IPS, FIM, and Signature Scanning

The Capsule8 Platform is a replacement for Intrusion Prevention Systems (IPS), File Integrity Monitoring (FIM), and Antivirus (AV). Capsule8 gives you those tools’ key capabilities (and then some), with the addition of real-time protection (even across the most complex, distributed hybrid cloud environments), improved visibility, container-awareness, and transparency and accountability in reporting. By obtaining higher quality data from production systems, we apply controls more effectively.

Detecting Container Escapes

Request a demo or watch the video to see how Capsule8 detects container escapes.

Request a Demo

Resources

How Capsule8 Protects Containerized Environments

An Exercise in Practical Container Escapology