BLOG

KubeArmor Support on AWS Bottlerocket

Rahul Jadhav -
Aug 23, 2022
KubeArmor

KubeArmor provides enhanced security by using BPF-LSM to protect Bottlerocket containers from within by limiting system behavior

KubeArmor provides enhanced security by using BPF-LSM to protect Bottlerocket containers from within by limiting system behavior with respect to processes, files, etc. For e.g., a k8s security access token that is mounted within the pod is accessible by default across all the containers. KubeArmor can restrict access to such tokens only for certain processes. Similarly KubeArmor can be used to protect other sensitive information e.g., k8s secrets, x509 certs, within the container.

 

 
KubeArmor Videos Accuknox , Open Source runtime security BPF-LSM

Get started with AccuKnox

Cloud Native Application Protection Platform (CNAPP) is built in partnership with SRI (Stanford Research Institute) and is anchored on seminal patented inventions in the areas of Container Security, Anomaly Detection, and Data Provenance. AccuKnox delivers comprehensive Zero Trust security for Networks, Applications (K8, VM), and Data across Cloud, IoT/Edge, and 5G environments. AccuKnox can be deployed in Public and Private Cloud environments. AccuKnox is a core contributor to the Kubernetes Runtime Security platform, and AccuKnox’s CNCF project, KubeArmor, has received 200,000+ downloads.

AccuKnox

Github Slack LinkedIn Twitter YouTube

Resources

Company

Open Source

Copyright © 2022 AccuKnox
Privacy Policy | Terms of Use