Provide real-time threat detection for your containerized environment to mitigate security risks. Wazuh allows you to monitor container telemetry to detect malware, illegitimate file modifications, and abnormal user behavior. It integrates with third-party threat intelligence platforms to provide contextual information about emerging threats.
Container Security
Container security involves the implementation of security measures to protect containers and the underlying infrastructure from potential threats throughout their lifecycle. Wazuh helps organizations secure their containerized environments by providing real-time monitoring and threat detection. Wazuh provides the following capabilities to ensure container security and protect against evolving security threats.
Auditing Orchestration Platforms
Monitor the audit logs of orchestration platforms to detect security threats and anomalies. Wazuh can monitor, store, and index audit logs of container orchestration tools such as Kubernetes. You can also monitor events in the audit logs, such as when resources like pods are created or deleted.
Container Health Monitoring
Monitor the health of your containers to detect potential failures. Wazuh collects and analyzes container performance metrics to give an overview of your containerized environment. By monitoring resource consumption and analyzing health patterns, Wazuh proactively identifies potential failure points, allowing you to take timely actions and maintain seamless container operations.
Monitor Container Runtime
Get full visibility to protect your running containers. Wazuh extends its container security capabilities to the runtime phase of deployment by performing continuous scans on workloads to detect abnormal behaviors. It detects unauthorized command execution and configuration changes, and triggers alerts about suspicious activity.
Container Inventory
Track the metadata of your containers to maintain a secure environment. Wazuh shows comprehensive metadata of containers, and reports on activities such as network connections, deployment, transition status, and process executions. It also tracks the number of container resources and triggers alerts when images are created or deleted.