Container Security

Container security involves the implementation of security measures to protect containers and the underlying infrastructure from potential threats throughout their lifecycle. Wazuh helps organizations secure their containerized environments by providing real-time monitoring and threat detection. Wazuh provides the following capabilities to ensure container security and protect against evolving security threats.

Threat Detection

Provide real-time threat detection for your containerized environment to mitigate security risks. Wazuh allows you to monitor container telemetry to detect malware, illegitimate file modifications, and abnormal user behavior. It integrates with third-party threat intelligence platforms to provide contextual information about emerging threats.

Threat Detection dashboard

Auditing Orchestration Platforms

Monitor the audit logs of orchestration platforms to detect security threats and anomalies. Wazuh has the capability to monitor, store, and index audit logs of container orchestration tools such as Kubernetes. You can also monitor events in the audit logs such as when resources like pods are created or deleted.

Auditing Orchestration Platforms dashboard

Container Health Monitoring

Monitor the health of your containers to detect potential failures. Wazuh collects and analyzes container performance metrics to give an overview of your containerized environment. By monitoring resource consumption and analyzing health patterns, Wazuh proactively identifies potential failure points, allowing you to take timely actions and maintain seamless container operations.

Container Health Monitoring dashboard

Monitor Container Runtime

Get full visibility to protect your running container. Wazuh extends its container security capabilities to the runtime phase of deployment by performing continuous scans on workloads to detect abnormal behaviors. It detects unauthorized command execution, configuration changes, and triggers alerts about suspicious activity.

Monitor Container Runtime dashboard

Container Inventory

Track the metadata of your containers to maintain a secure environment. Wazuh shows comprehensive metadata of containers, and reports on activities such as network connections, deployment, transition status, and process executions. It also tracks the number of container resources and triggers alerts when images are created or deleted.

Container Inventory dashboard

Learn how Wazuh can
help your organization