BLOG

Observability with Auto Discovered Policies | Ankur Kothiwal @Open Observability Day

Videos

Discovery Engine is an open-source policy recommendation system, acting as a plug-in for K8s environments



It is common to analyze network and system logs for generating security policies, but the manual process is inefficient and has a high chance of missing important logs.

Discovery Engine is an open-source policy recommendation system, which can act as a plug-in for K8s environments that discovers network and system policies based on the logs collected from the various Container Network Interfaces (CNIs).

The engine leverages aggregation techniques to reduce the number of policies discovered, uses pod labels for rules specification, and handles the discovery across multiple dimensions (networks, systems).

This talk will help in providing an insight into how the auto policy discovery tool works, its use-cases, and the requirement for an automated runtime policy generating engine in the changing cloud-security environment.

⏳Timestamps
00:00:15 Understanding Observability
00:00:55 The problem
00:02:44 The solution: Auto-Discovered Policies
00:03:36 Zero Trust in DevSecOps Model
00:04:40 Discovery Engine
00:05:30 The summary

💻 Learn more about AccuKnox
Website: https://www.accuknox.com/
Help Docs: https://help.accuknox.com/
Blogs: https://www.accuknox.com/blog
—————————————————— 
Get help with AccuKnox queries
Email: contact@accuknox.com
Slack: https://kubearmor.slack.com/
Policy Templates: https://github.com/kubearmor/policy-templates
——————————————————
💬 Follow AccuKnox on social media
Twitter: https://twitter.com/accuknox
LinkedIn: https://www.linkedin.com/company/accuknox/
——————————————————
✅ Subscribe to Accuknox's YouTube channel
https://www.youtube.com/channel/UCLqK