Linux/Unix
Product Overview
KubeArmor enhances security in Bottlerocket deployments on Amazon EKS by restricting processes, files, network usage, safeguarding secrets, certificates, and controlling binary execution. Integrating KubeArmor as a Kubernetes daemonset and operating in systemd mode provides complete runtime security for a variety of workloads. For host protection, it employs inline prevention and best of breed Linux Security Modules, decreasing the attack surface. KubeArmor simplifies policy enforcement in multi node clusters by abstracting LSM complexities, allowing hassle free blocking rules, full monitoring, and no blind spots in visibility.