Container Security - Intezer

Intezer Protect for Container Security

Complete runtime visibility and protection over all containers, images, and clusters

Intezer Protect helps shore up your entire virtualization stack, containers, images, clustering, and orchestration in runtime. So, regardless of how diverse your cloud infrastructure may be, Intezer Protect provides the water-tight seal you’re looking for to reduce the attack surface, detect attacks/breaches, and respond to those attacks.

Containers are subject to attacks from Doki and Kaiji. An infected container is not isolated. An attacker can escape to the host and infect other containers and/or applications running in the environment.

  • Containers are not secure by default.
  • Antivirus/EDRs are not designed to secure containers.
  • Pre-runtime vulnerability scans don’t detect actual attacks when they occur in runtime.

Complete Runtime Container Security Solution

Runtime protection with Intezer Protect gives you immediate visibility over all code running in your systems and alerts you whenever malicious or unauthorized code is executed.

Reduce your attack surface

  • Detect vulnerabilities in container libraries and packages in runtime.
  • Prioritize active vulnerable packages based on what is running and not just based on what is installed in the image.
  • Detect misconfigurations according to Docker and Kubernetes CIS benchmarks.

Detect attacks and breaches on your containers

  • Identify any drift or deviation from the original container image, in memory.
    Most runtime products only detect threats on disk, which prevents them from detecting post-vulnerability exploitation and other in-memory threats. Once limited to sophisticated attackers, fileless malware has become the norm in recent years.
  • Detect the execution of malicious or unauthorized code.
  • Secure the Docker host and Kubernetes node in addition to containers.

Ensure visibility and control over your code in production

  • Continuously monitor your entire stack in runtime for all code and every application that is running. With so much code running in your systems, from third-party libraries to proprietary software and operating system code, Intezer Protect organizes this mess, giving you full runtime visibility.
  • Secure all types of compute resources (containers, K8s, VMs), all technologies (Docker, Fargate, OpenShift), and cloud providers (AWS, GCP, Azure) under one platform.
  • Complete visibility over all containers, images and clusters in runtime.
  • Identify risky administration tools used in attacks such as TeamTNT abusing the Weave Scope container admin tool.

Container-oriented incident response

  • Contextualized alerts that include container-focused information such as image name and Kubernetes pod.
  • Runtime forensic capabilities built for containers.

Meet compliance requirements for cloud and container environments

  • Demonstrate your compliance with industry regulations such as:
    – SOC-2
    – PCI DSS
    – HIPAA
    – CIS and NIST frameworks

Why Intezer Protect?

1. Detect actual breaches

Many cloud security products have configuration and vulnerability scanning but not threat detection.
Runtime threat detection is necessary for detecting attacks as they happen. Intezer is the fastest to identify attacks in Linux and containerized environments.

2. Simplified management without complex configuration policies

Doesn’t require maintaining countless policies and container profiles.
Most runtime solutions are based on behavioral profiling which generates high false positives and requires constant tweaking of rules and policies. Our core detection strategy is based on detecting unauthorized code instead of a set of rules. The result is very few false positives, and contextualized alerts indicating only real attacks.

3. Enterprise-capable with easy-to-deploy, lightweight agent and low resource consumption

Perfect for highly scalable containerized environments.
We average only 0.5% CPU and work seamlessly with Infrastructure as Code (IaC) tools to provide an easy deployment experience. One client deployed Intezer Protect on hundreds of K8s nodes in 15 minutes by using a DaemonSet.

Get Started

Don’t take our word for it. Try it out for yourself.
With the Intezer Protect Community Edition you can:

Protect up to 10 hosts for free

Detect and terminate unauthorized and malicious code in runtime

Monitor and log any new application running in your cloud environment

(No credit card required)