kubearmor

We have hosted the application kubearmor in order to run this application in our online workstations with Wine or directly.

Quick description about kubearmor:

KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor lessens the attack surface on pods, containers, and virtual machines. For inline mitigation, it uses Linux Security Modules (LSMs) like AppArmor, BPF-LSM, and SELinux to provide security without changing the pod or container or without host-level adjustments. KubeArmor simplifies their intricacies and makes enforcing policy simple. It functions as a non-privileged daemonset and has host, pod, and container monitoring capabilities.

Features:

• Our inline approach is proactive, in contrast to post-attack mitigation
• Boost your security with KubeArmor in simple steps
• KubeArmor limits particular behaviors of processes, file access, networking operations, and resource usage
• Based on container or workload identities, LSMs are used to enforce security policies in real-time
• Policy development based on Kubernetes metadata
• Get logs for policy breaches while keeping track of container processes via eBPF
• KubeArmor manages LSM complexity to simplify policy descriptions

Programming Language: Go.
Categories: