Download
KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor lessens the attack surface on pods, containers, and virtual machines. For inline mitigation, it uses Linux Security Modules (LSMs) like AppArmor, BPF-LSM, and SELinux to provide security without changing the pod or container or without host-level adjustments. KubeArmor simplifies their intricacies and makes enforcing policy simple. It functions as a non-privileged daemonset and has host, pod, and container monitoring capabilities.
Features
- Our inline approach is proactive, in contrast to post-attack mitigation
- Boost your security with KubeArmor in simple steps
- KubeArmor limits particular behaviors of processes, file access, networking operations, and resource usage
- Based on container or workload identities, LSMs are used to enforce security policies in real-time
- Policy development based on Kubernetes metadata
- Get logs for policy breaches while keeping track of container processes via eBPF
- KubeArmor manages LSM complexity to simplify policy descriptions
Project Samples
