Skip to main content Link Menu Expand (external link) Document Search Copy Copied

Workload Runtime Security demos

Description

These demos show how to implement Security by Default (SbD) on the host and in container environments by integrating and enforcing security policies as part of workload deployment and lifecycle management. This solution actively mitigates attacks by bad actors so that they cannot occur. This method of application hardening sandboxes application behavior so that only pre-specified behavior is allowed.

Use Cases

Four specific scenarios can demonstrate the power of this approach:

  1. Preventing cryptojacking attacks on edge nodes
  2. Securing credentials or sensitive assets on edge nodes
  3. Preventing lateral movements between devices and/or applications
  4. Highlighting preemptive mitigation techniques enabled by KubeArmor + Open Horizon

Videos

KubeArmor/Open Horizon demos in one minute (1 minute, no audio)

Defending against Cryptojacking attacks (2 minutes)

File Integrity Monitoring (FIM) using policies on a K8s cluster (2 minutes)

Denying malicious binary process before execution (2 minutes)

Implementing zero trust security policies on a K8s cluster (2 minutes)

Deploying KubeArmor with Open Horizon (11 minutes)

Code repositories

Architecture overview

KubeArmor-Open Horizon integration diagram

Feature Request

Workload Runtime Security