The Container Security Guard (CSG) is a security protection product designed for container clusters. It offers a comprehensive security solution encompassing pre-discovery, mid-event early warning, and post-event traceability of service dynamic and static security risks within the container environment. This product conveniently and quickly addresses security challenges arising from service containerization.
The main security capacities of CSG include deep asset inventory, real-time risk discovery, fast security protection, and timely post-event traceability:
l Deep Asset Inventory
Basic assets such as container clusters can be automatically counted with further identification of deep asset information including container processes, mounting, ports, and software. In addition, all assets are correlated for easy analysis.
l Real-Time Risk Discovery
For static risks, comprehensive risks such as vulnerabilities, malicious files, software licenses, risky software, and sensitive information are identified. For dynamic risks, all behaviors generated by the service are monitored in real time after triggering with intelligent research and judgment to issue timely warnings.
l Fast Security Protection
The scope of risk influence is quickly determined based on related capacities. Meanwhile, detailed risk information is provided to help users judge risks. After risks are determined, rapid security measures such as adding to the trustlist and isolation can be implemented immediately.
l Timely Post-Event Traceability
After a container disappears, the behavior data during the running is no longer retained due to the characteristics of the container. CSG records the containers that are running service and related information and retains the detailed behavior information of the containers that have disappeared. This ensures that security events can be effectively traced later.