Enable Runtime Security, Runtime Vulnerability Scanning, and Runtime Malware Scanning on Kubernetes clusters.
The following table details the runtime security and scanning features available for
Kubernetes clusters.
Feature
|
Description
|
||
Runtime Security |
Provides visibility into any activity of your running containers that violates a customizable
set of rules.
|
||
Runtime Vulnerability Scanning |
Provides visibility of operating system and open source code vulnerabilities that
are part of containers running in clusters.
|
||
Runtime Malware Scanning |
Provides detection of malware in your running containers, enabling you to identify
and respond to malware threats introduced after deployment.
|
Procedure
- To enable runtime security and scanning features, add the following parameters to
your overrides YAML file (usually named '
overrides.yaml'
).runtimeSecurity: enabled: true
vulnerabilityScanning: enabled: true
malwareScanning: enabled: true
Example:cloudOne: apiKey: <API_KEY> endpoint: <ENDPOINT> runtimeSecurity: enabled: true vulnerabilityScanning: enabled: true malwareScanning: enabled: true
- Upgrade Container Security using the following command.
helm upgrade \ trendmicro \ --namespace trendmicro-system --create-namespace \ --values overrides.yaml \ https://github.com/trendmicro/cloudone-container-security-helm/archive/master.tar.gz