This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Yonatan_Philip
Employee Alumnus
Employee Alumnus
‎2021-07-11 11:32 AM

CloudGuard Workload Protection product updates - Runtime Protection Public Preview & Containerd

Yonatan_Philip_2-1626027813116.jpeg

 

 

CloudGuard Container Security Group is Pleased to Announce:

Runtime Protection has graduated to Public Preview status.
Image Assurance & Admission Control are now fully GA.
Containerd is now fully supported on all Public Preview and GA features.

 

CloudGuard Runtime Protection

  • CloudGuard Runtime Protection for Kubernetes monitors workload containers Kernel system calls in real-time. Runtime Protection is a combination of two engines:
    • Signatures - compare the observed behavior of a workload with known signatures that potentially indicate malicious behavior, for example, execution of processes associated with crypto-mining software
    • Profiling - detect anomalies in behavior compared to a baseline profile created during a dedicated profiling phase, for example, execution of sub-process that do not occur during regular workload operation, which may indicate an RCE attack
  • Along-side the new Public Preview status, we are also intruding a new exciting features
    • CloudGuard Runtime Protection now also supports adding deny rules for malicious signatures, giving the admin the power to kill containers that exhibit malicious behavior.

 

Containerd Support

  • CloudGuard Container Security now fully supports containerd runtime environment for all Public Preview and GA features.
    • Containerd runtime environment is now automatically detected during agent deployment. No admin interaction is needed.

 

A taste of what’s coming next:

Our H2 highlights include releasing Threat Intelligence, Runtime Protection Network Profiling, Container Registry Scanning, Kubernetes Audit Logs, and many more as well as adding support for VMWare Tanzu and OpenShift environments.

Related SKs/Documentation/Information

  • Watch a demo session given by Shay Levine and Yonatan Philip during the May the 4th  Check Mates event!
  • We encourage you to try out our new capabilities yourselves! You can either bring your own cluster or test out your skills with our DemoPoint.
0 Kudos
0 Replies
UPCOMING CLOUDMATES EVENTS
    All CloudMates Events