AccuKnox Platform Reviews Details & Features


Our technology is anchored on seminal patented inventions in Container Security, Unsupervised Learning, and Data Provenance developed at SRI International. We are core maintainers of KubeArmor and contributors to the open-source Cilium project.

Open Source

Auto Discovery


Auto discovery of policies enables developers and security engineers to quickly create policies based on the actual observed behavior of the application. These policies can then be enforced at run-time to enable zero trust.

  • Auto discovery of Cilium and KubeArmor Policies
  • Support for K8s pods as well as virtual machine processes
  • Workload specific auto discovery supported
  • Simple tooling that generates zero trust policies in 2 minutes

KubeArmor


KubeArmor is an application hardening solution that uses AppArmor and SELinux to harden and protect your workloads at run-time. KubeArmor is open source and is a CNCF incubating project.

  • AppArmor + SELinux + Seccomp based policies
  • Available for K8s and non-K8s control planes
  • K8s native support
  • Full VM based support

Cilium


Cilium is an eBPF-based networking, observability, and security tool for Kubernetes environments across cloud and on-premises infrastructure. We are focused on adding value to Cilium in the following areas: SPIFFE-based identity, policy discovery, policy staging support, and improved L7 visibility.

  • All of Cilium core +
  • Full virtual machine support
  • Identity as a perimeter of security with SPIFFE
  • Full non-K8s control plane
  • Simple tooling that generates zero trust policies in 2 minutes

Policy Templates


Common tactics, techniques, and procedures (TTPs) that form the basis of the MITRE ATT&CK framework, as well as STIGs, have been implemented as policy templates. These policy templates can be quickly and easily applied to your workloads to protect them at runtime.

  • MITRE based policy templates
  • Templates for known exploits and malware
  • Workload specific policies including MySQL, Postgres, Kafka, Cassandra and more
  • Free and open source. Available at KubeArmor

Enterprise

Deep Learning Based Anomaly Detection


Variational Autoencoder (VAE) based anomaly detection, built in partnership with Stanford Research Institute (SRI), to detect runtime anomalies in Kubernetes environments.

  • Probabilistic model complements a deterministic ruleset provided by the policy engines
  • Builds a training model by using eBPF and monitoring over 86 system calls
  • Detects a variety of attacks, including CPUMiner (crypto-jacking / mining) and HTTP-flood attacks, as well as other kinds of anomalies

SIEM / SOAR Integrations


AccuKnox provides SIEM / SOAR integrations with various well-known tools such as Splunk, Slack, JIRA, Syslog, Amazon CloudWatch and more.

  • Directly send all metrics / logs to ELK and Prometheus with open source
  • Leverage several integrations to send metrics and logs to systems of your choice
  • Filter and send specific logs through triggers



Policy baseline definition + automated approvals of policies leading to faster time to zero trust.

  • Automatic policy check-in to GitHub
  • UI for ease of use, while the policy lifecycle, including automated approvals, follows standard GitOps workflows

Copyright © 2021. AccuKnox