Listing Thumbnail

    kubearmor

     Info
    Sold by: AccuKnox 
    Quick Launch
    KubeArmor offers robust Runtime protection for Kubernetes & other cloud workloads. Leveraging eBPF and Linux Security Modules (LSM), it enforces policy-based security measures. Safeguard your cloud native applications by limiting any suspicious behavior effectively across diversified workloads. Abstract away complexity, and embrace security.

    Overview

    Play video

    KubeArmor enhances security in Bottlerocket deployments on Amazon EKS by restricting processes, files, network usage, safeguarding secrets, certificates, and controlling binary execution. Integrating KubeArmor as a Kubernetes daemonset and operating in systemd mode provides complete runtime security for a variety of workloads. For host protection, it employs inline prevention and best of breed Linux Security Modules, decreasing the attack surface. KubeArmor simplifies policy enforcement in multi node clusters by abstracting LSM complexities, allowing hassle free blocking rules, full monitoring, and no blind spots in visibility.

    Highlights

    • Add complete security to Bottlerocket deployments on Amazon EKS with KubeArmor. Limit processes, files, and network usage in your pods. Restrict access to Kubernetes security tokens for specific processes. Safeguard secrets and certificates within containers. Block updates to root certificates in specific folders. Control the execution of binaries in your containers with KubeArmor.
    • KubeArmor offers complete security for a range of workloads by integrating as a Kubernetes daemonset, and Setting it up in systemd mode to run as host/system processes on bare metal, virtual machines, and containerized workloads. It uses inline prevention to reduce the attack surface, utilizing best-of-breed Linux Security Modules (LSMs) like AppArmor, BPF-LSM, and SELinux for host protection. This approach reduces the attack surface of pods, containers, and VMs.
    • In a multi-node cluster, each node leveraging Linux Security Module, KubeArmor simplifies policy enforcement by abstracting away the LSMs' complexities. Hassle-free enforcement of blocking rules at the host or workload level Full control over monitoring hosts, pods, and containers No blind spots in visibility and protection for your cloud-native environment.

    Details

    Sold by

    Categories

    Delivery method

    Delivery option
    KubeArmor Helm Chart
    Amazon EKS console add-on

    Latest version

    Operating system
    Linux

    Features and programs

    Quick Launch

    Leverage AWS CloudFormation templates to reduce the time and resources required to configure, deploy, and launch your software.

    Pricing

    This product is free. Subscriptions have no end date and can be canceled anytime.

    Vendor refund policy

    No refunds required.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Amazon EKS console add-on

    Supported services: Learn more 
    • Amazon EKS
    EKS add-on

    An add-on is software that provides supporting operational capabilities to Kubernetes applications but isn't specific to the application. This includes software like observability agents or Kubernetes drivers that allow the cluster to interact with underlying AWS resources for networking, compute, and storage. Add-on software is typically built and maintained by the Kubernetes community, cloud providers like AWS, or third-party vendors. Amazon EKS add-ons provide installation and management of a curated set of add-ons for Amazon EKS clusters. All Amazon EKS add-ons include the latest security patches and bug fixes, and are validated by AWS to work with Amazon EKS. Amazon EKS add-ons allow you to consistently ensure that your Amazon EKS clusters are secure and stable and reduce the amount of work that you need to do to install, configure, and update add-ons.

    Version release notes
    • Adding EKS console Add-on support

    Additional details

    Usage instructions

    1. Navigate to the Amazon EKS Console. Select an existing Amazon EKS cluster. On the cluster info page, go to the Add-ons tab info page. 2. To find more add-ons, in the middle right, select Get more add-ons. Scroll down to browse the different add-on software options available for installation from AWS Marketplace. Select AccuKnox_KubeArmor . 3. If you do not have subscription to the add-on through the AWS Marketplace, you will see a callout to subscribe to the software. Choose Next again, review the information, and choose Create. 4.In AWS CLI, describe the add-on versions for Kubecost by entering the following commands: aws eks describe-addon-versions --addon-name accuknox_KubeArmor 5. Create the add-on by entering the following command, replacing my-cluster with the cluster name: aws eks create-addon
      --cluster-name my-cluster
      --addon-name accuknox_KubeArmor

    Resources

    Vendor resources

    Support

    Vendor support

    Join KubeArmor Slack:

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    2 external reviews
    External reviews are sourced from G2  and are not included in the star rating for this product.
    Computer & Network Security

    I am cloud engineer

    Reviewed on Sep 30, 2024
    Review provided by G2
    What do you like best about the product?
    it is very help for cloud developers because it :
    provide zero trust security.
    Compliance and Auditing.
    What do you dislike about the product?
    learning curve is quit steep.
    resource intensive.
    What problems is the product solving and how is that benefiting you?
    it helps in Compliance and Regulatory Requirements
    Chimbu C.

    Protecting Your Cloud Applications

    Reviewed on Sep 19, 2024
    Review provided by G2
    What do you like best about the product?
    I like the agentless approach, Continuous compliance and Runtime protection provided by Accuknox. It is also easier to integrate with public cloud providers
    What do you dislike about the product?
    The platform can be a little bit complex to set up and manage, especially for organizations with limited security expertise.
    What problems is the product solving and how is that benefiting you?
    Accuknox provides a single managed platform which simplifies the container security management for my company.
    View all reviews