-
Runtime Security: Provides visibility into any activity of your running containers that violates a customizable set of rules.
-
Runtime Scanning: Provides visibility of operating system and open source code vulnerabilities that are part of containers running in clusters.
Important
Vulnerability Runtime Scanning supports clusters with pure ARM64 CPU nodes or pure x86_64 CPU nodes. Mixed CPU modes is not supported.Cluster worker nodes require at least2 vCPU
and8 GiB Memory
. For more details on the specifications and default limits for these components, you can check the resources section in the helm chart.
Procedure
- Add
vulnerabilityScanning: enabled: true
andruntimeSecurity: enabled: true
to your overrides YAML file (usuallyoverrides.yaml
):cloudOne: apiKey: <API_KEY> endpoint: <ENDPOINT> runtimeSecurity: enabled: true vulnerabilityScanning: enabled: true
- Upgrade Container Security using the following command:
helm upgrade \ trendmicro \ --namespace trendmicro-system --create-namespace \ --values overrides.yaml \ https://github.com/trendmicro/cloudone-container-security-helm/archive/master.tar.gz