Zero Trust Cloud Security

Accuknox provides run-time protection for your Kubernetes and other cloud workloads using Kernel Native Primitives such as AppArmor, SELinux and eBPF.

Get started
Protect your cloud workload in minutes

"timestamp": 1636115744,
"action": "Block",
"componentName": "kubearmor",
"clusterId": 356,
"tenantId": 142,
"clusterName": "zomato-staging",
"updatedTime": "2021-11-05T12:35:44.377146Z",
"hostName": "gke-zomato-staging-default-pool-9eeea7f6-c5f5",
"namespaceName": "ns-frontend",
"podName": "zomato-frontend-745988f944-sm7r4",
"containerID": "e225378c7c71e6a24e4ce50191c2e2b70de80a839dbcede516b3e78c87f36862",
"containerName": "frontend-1-order-server",
"hostPid": 461784,
"ppid": 1435,
"pid": 1445,
"uid": 0,
"policyName": "ksp-mitre-kinsing-cryptomining-malware-block",
"severity": "2",
"tags": "MITRE,T1496,S0599,MALWARE,T1059.004,T1059,Crypto Mining,CVE-2020-7961",
"message": "Incident! Kinsing crypto mining attack is Blocked",
"type": "MatchedPolicy",
"source": "/var/tmp/kinsing",
"operation": "File",
"resource": "/var/tmp/kinsing",
"data": "syscall=SYS_OPEN flags=/proc/self/exe",
"result": "Passed"

Accuknox Cloud
Why are we different?

Automatically generate policies for
your workload in minutes

Accuknox automatically generates network and application protection policies in minutes to quickly deploy protection for your workloads

Anomaly detection to protect against any
malicious behavior

Detect Threats and Anomalies in your Kubernetes clusters using Accuknox’s proprietary VAE (Variational Auto Encoder) technology. You can use VAE to identify ongoing and past threats in your containers effortlessly.

Identity as a perimeter of security:
Use SPIFFE id for network policies

AccuKnox leverages strong Opensource based Identity Framework like SPIFFE/SPIRE to implement a ZeroTrust Kubernetes Run-time Security Environment.

SIEM / SOAR Integrations

Accuknox provides rich SIEM & SOAR capabilities through Splunk, Elastic, Google Security Command Centre, AWS Cloudwatch, Servicenow, and much more integration. At Infused Innovations, our SIEM and SOAR services keep your automation up-to-date.

apiVersion: "cilium.io/v2"
kind: CiliumNetworkPolicy
metadata:
  name: "Auto-discovered-policy"
spec:
  endpointSelector:
    matchLabels:
      group: bob
      app: web
  ingress:
- fromEndpoints:
  - matchLabels:
    group: alice
  toPorts:
    - ports:
      - port: "80"
      protocol: TCP

Building trust through
Open Source

Primary Contributor

KubeArmor is a container-aware runtime security enforcement system that restricts the behavior (such as process execution, file access, networking operation, and resource utilization) of containers at the system level.

Contributor

Cilium is eBPF-based Networking, Observability, and Security Tool for Kubernetes environments across cloud and on-premises infrastructure. We are focused on adding value to Cilium in the following areas of SPIFFE Based Identity, Policy Discovery, Policy Staging Support and Improved L7 Visibility

Integrations

Our list of integrations is always growing.

See More

An Introduction to Kubernetes Security using KubeArmor

The perimeter is porous.. identity is the new perimeter. The last few years has seen a tectonic shift in the velocity and sophistication of software development and

Security Policy Deployment in multiUbuntu with KubeArmor

Data is new oil Don’t let it become your Plutonium, Welcome to Zero Trust Data Security! I presume you were shocked by Amazon’s fine of $888M

Delivering Zero Trust in a DevSecOps model

Several recent events have made Zero Trust security a mandate for companies, governments, and non-profits.

Get started with Accuknox

Security built for Enterprise

Copyright © 2021. Accuknox