Runtime Kubernetes Security

Open source tools to understand application behavior and prevent runtime data exposure. Automatically monitor and enforce behavior by automating security policies for AppArmor and SELinux.

Key use cases

Understand & visualize the behavior of your workload at runtime to detect 3rd party software issues.
Adopt zero trust principles and generate least privilege security policies that can be applied to enable runtime security and enforcement at the pod and process level.
Protect your Kubernetes and VM workloads from malicious behavior due to supply chain issues, un-patched vulnerabilities and zero day attacks.

Getting Started with Runtime security

# Install Daemonsets and Services
curl -s https://raw.githubusercontent.com/accuknox/tools/main/install.sh | bash

## Output
Following components will be installed:
- KubeArmor Protection Engine
- Cilium CNI
- Auto policy discovery engine
- MySQL database to keep discovered policies
- Hubble Relay and KubeArmor Relay

Install Open Source Components

This install instructions allow you to setup sample k8s cluster with:

- Cilium CNI
- Kubearmor Application Protection Engine
- Auto Policy Discovery Engine
- Command line tools

Get auto discovered policies for your application

Quickly and easily get auto discovered policies for your application in minutes.

# Getting Auto Discovered Policies
curl -s https://raw.githubusercontent.com/accuknox/tools/main/get_discovered_yamls.sh | bash

## Output
Downloading discovered policies from pod=knoxautopolicy-6bf6c98dbb-fhq5f
{
"res": "ok"
}
Got 37 cilium policies in file cilium_policies.yaml
{
"res": "ok"
}
Got 46 kubearmor policies in file kubearmor_policies.yaml

# Creating separate namespace
kubectl create ns accuknox-feeder-service

# Setup AccuKnox Helm repository
helm repo add accuknox-onprem-agents https://$USERNAME:[email protected]/repository/accuknox-onprem-agents
- Note: Correct credentials are needed to add repository

# Updating Helm repository
helm repo update

# Only in case ELK is required
helm upgrade --install accuknox-eck-operator accuknox-onprem-agents/eck-operator

# Deploying Feeder Service
helm upgrade --install --set elasticsearch.enabled=true --set kibana.enabled=true accuknox-feeder-service accuknox-onprem-agents/feeder-service -n accuknox-feeder-service

# Updating env variables for second container
kubectl set env deploy/feeder-service -n accuknox-feeder-service ELASTICSEARCH_HOST="https://elasticsearch-es-http.test-feed.svc.cluster.local:9200" ELASTICSEARCH_USERNAME=elastic ELASTICSEARCH_PASSWORD=xxxxxxxxxx
- Note: Replace xxxxxxxxxx with your elastic secrets

# One time procedure to validate log path
kubectl exec -it -n accuknox-feeder-service pod $POD -c filebeat-sidecar -- /bin/bash
filebeat -e

Why Accuknox

Open source tools developer focused tooling

Open source tools developer focused tooling that makes runtime cloud security adoption easy.

Application hardening and runtime protection

Accuknox enforces application policies and hardening using KubeArmor - our own open source product that brings AppArmor and SELinux to K8s / Cloud workloads. Addionally Accuknox builds on top of Cilium to provide full support for identity based network segmentation for K8s and VM workloads.

Automated Zero Trust Policy
Discovery

Fully automated zero trust policy discovery that discovers application and network policies. This is also pushed into Elastic and Kibana on the ELK stack.

Discover AccuKnox

Learn about Accuknox with our interactive community sessions, Documentation and Tutorials.

Weekly Interactive Office hours with the Accuknox Team

Join us for a weekly interactive office hours with the Accuknox team at 9 am PST on Thursday.

Add to calendar Livestream

Documentation & Tutorials

Visit our Help Section for information on documentation. Learn more on how to use Accuknox Open-source and SAAS tooling here.

Help Section Documentation