CloudGuard Workload Protection product updates - Runtime Protection Public Preview & Containerd
CloudGuard Container Security Group is Pleased to Announce:
Runtime Protection has graduated to Public Preview status.
Image Assurance & Admission Control are now fully GA.
Containerd is now fully supported on all Public Preview and GA features.
CloudGuard Runtime Protection
- CloudGuard Runtime Protection for Kubernetes monitors workload containers Kernel system calls in real-time. Runtime Protection is a combination of two engines:
- Signatures - compare the observed behavior of a workload with known signatures that potentially indicate malicious behavior, for example, execution of processes associated with crypto-mining software
- Profiling - detect anomalies in behavior compared to a baseline profile created during a dedicated profiling phase, for example, execution of sub-process that do not occur during regular workload operation, which may indicate an RCE attack
- Along-side the new Public Preview status, we are also intruding a new exciting features
- CloudGuard Runtime Protection now also supports adding deny rules for malicious signatures, giving the admin the power to kill containers that exhibit malicious behavior.
- CloudGuard Container Security now fully supports containerd runtime environment for all Public Preview and GA features.
- Containerd runtime environment is now automatically detected during agent deployment. No admin interaction is needed.
A taste of what’s coming next:
Our H2 highlights include releasing Threat Intelligence, Runtime Protection Network Profiling, Container Registry Scanning, Kubernetes Audit Logs, and many more as well as adding support for VMWare Tanzu and OpenShift environments.
- Watch a demo session given by Shay Levine and Yonatan Philip during the May the 4th Check Mates event!
- We encourage you to try out our new capabilities yourselves! You can either bring your own cluster or test out your skills with our DemoPoint.