Views:
  • Runtime Security: Provides visibility into any activity of your running containers that violates a customizable set of rules.
  • Runtime Scanning: Provides visibility of operating system and open source code vulnerabilities that are part of containers running in clusters.
    Important
    Important
    Vulnerability Runtime Scanning supports clusters with pure ARM64 CPU nodes or pure x86_64 CPU nodes. Mixed CPU modes is not supported.
    Cluster worker nodes require at least 2 vCPU and 8 GiB Memory. For more details on the specifications and default limits for these components, you can check the resources section in the helm chart.

Procedure

  1. Add vulnerabilityScanning: enabled: true and runtimeSecurity: enabled: true to your overrides YAML file (usually overrides.yaml):
    cloudOne:
    apiKey: <API_KEY>
    endpoint: <ENDPOINT>
    runtimeSecurity:
        enabled: true
    vulnerabilityScanning:
        enabled: true
  2. Upgrade Container Security using the following command:
    helm upgrade \
    trendmicro \
    --namespace trendmicro-system --create-namespace \
    --values overrides.yaml \
    https://github.com/trendmicro/cloudone-container-security-helm/archive/master.tar.gz