Container Security Guard

Container Security Guard is a security protection product that acts on container clusters, provides a secure closed loop for pre-detection, early-warning and post-tracing of dynamic and static service security risks in the container environment, and solves security problems caused by service containerization in an easy and quick manner.
  • Product Advantages
  • Features
  • Scenarios
  • Help

Advantages

One-click simplified management

Fits the cloud-native features, with containerized deployment of all components, and supports one-click deployment and one-click uninstallation of the client. Regulates security capabilities automatically based on the changes of service clusters and defends without manual intervention.

All-round expertise

Integrates international, domestic, official and other vulnerability sources, and provides you with professional security risk detection based on Avira, ClamAV, self-developed and other virus engines.

Dynamic and static detection

Combines both static and dynamic detection methods to automatically develop the baseline of business behaviors. Based on the learning engine, identifies unknown security risks in real time to achieve intelligent protection.

Full-link secure encryption

In terms of component interaction, adopts full-link encrypted transmission, with encrypted storage of sensitive data and without exposing any client port, to protect your security, as well as its own.

Features
Deep asset list Automatically conducts an inventory of basic assets, such as container clusters. On this basis, further identifies and associates deep asset information such as container processes, container mounting, container ports, and container software with all assets for easy analysis.
Real-time risk identification For static risks, identifies vulnerabilities, malicious files, software licenses, risky software, sensitive information and other comprehensive risks. For dynamic risks, adopts the trigger mode to monitor all behaviors generated by the business in real time, and carries out intelligent analysis and judgment for early warning.
Rapid security protection Based on relevant capabilities, quickly locates the affected scope of risks and provides detailed risk information to help you judge the risks. After identifying the risks, you can immediately implement rapid security protection measures such as trustlisting and isolation.
Timely post-tracing Due to the features of the container, the behavioral data generated during operation is no longer retained after the container disappears. Container Security Guard not only records the running service container and related information but also retains detailed behavioral information for the containers that have disappeared, to prevent such a situation in which security events are found to be untraceable later.

Scenarios

< >
  • Image Security Protection
  • Container Security Protection
Scenario description
  • With the container technology, service containers are started based on images. It is particularly important to perceive the security risks of images and ensure a secure launch before the service is released online.
Benefits
  • Strong compatibility
  • Compatible with mainstream image repositories in the market, as well as mainstream operating systems, including domestic image operating systems such as localized Euler and Kylin.
  • Comprehensive detection
  • Based on multiple vulnerability sources and virus libraries, performs in-depth detection of software components, vulnerabilities, malicious files, software licenses, sensitive information and other security risks.
  • Risk blocking
  • Prevents risky images from running online based on privileged startup, vulnerabilities, software, files, and environment variables.
Help