Managing container runtime profiles

When implementing runtime policies, Kaspersky Container Security can apply user-defined rules for monitoring processes and the network. To do so, add runtime profiles to the appropriate runtime policies. Runtime profiles are essentially lists of restrictions for containers. Image profiles define the settings for secure image deployment and safe activities of an application deployed from an image. The actions assigned in profiles can significantly reduce the capabilities of cybercriminals who could potentially infiltrate a facility, and can improve security during the runtime operation of containers.

The following settings specify restrictions in an image profile:

Container runtime profiles in runtime policies apply to images that are running in orchestration environments using objects within the cluster. If a container is started outside the orchestration environment (for example, using the docker run or ctr run command), the solution will not detect malware in such a container.

The solution does not automatically perform a malware scan when objects are saved in a container. We recommend additionally protecting containerized files outside the orchestration environment.
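One way to find the containers that fall outside this coverage on a Docker-based node, as an added example that is not part of the Kaspersky Container Security documentation. It assumes the kubelet's usual io.kubernetes.pod.* container labels; the function name and the sample data are constructed for illustration.

```python
import json

# Labels the kubelet attaches to every container it creates for a pod.
POD_LABELS = ("io.kubernetes.pod.name", "io.kubernetes.pod.namespace")

# Constructed sample shaped like `docker inspect $(docker ps -aq)` output.
SAMPLE_INSPECT = json.dumps([
    {"Id": "a1" * 32, "Name": "/k8s_web_web-7d9f_shop_0f3c_0",
     "State": {"Running": True},
     "Config": {"Image": "registry.example/shop/web:1.4",
                "Labels": {"io.kubernetes.pod.name": "web-7d9f",
                           "io.kubernetes.pod.namespace": "shop"}}},
    {"Id": "b2" * 32, "Name": "/debug-shell",
     "State": {"Running": True},
     "Config": {"Image": "alpine:3.19", "Labels": {}}},
    {"Id": "c3" * 32, "Name": "/adhoc-job",
     "State": {"Running": True},
     "Config": {"Image": "registry.example/tools/job:2", "Labels": None}},
    {"Id": "d4" * 32, "Name": "/old-test",
     "State": {"Running": False},
     "Config": {"Image": "busybox:1.36", "Labels": {}}},
])


def unorchestrated_containers(inspect_json):
    """Return running containers that carry no kubelet pod labels."""
    findings = []
    for entry in json.loads(inspect_json):
        if not (entry.get("State") or {}).get("Running"):
            continue  # stopped containers execute nothing
        config = entry.get("Config") or {}
        labels = config.get("Labels") or {}  # Docker may emit null here
        if all(labels.get(key) for key in POD_LABELS):
            continue  # created by the kubelet, so inside the orchestrator
        findings.append({
            "id": entry.get("Id", "")[:12],
            "name": entry.get("Name", "").lstrip("/"),
            "image": config.get("Image", ""),
        })
    return findings


if __name__ == "__main__":
    # Labels can be set by whoever starts a container, so treat this as an
    # inventory aid for finding coverage gaps, not as a security boundary.
    for item in unorchestrated_containers(SAMPLE_INSPECT):
        print("outside orchestration: {id} {name} ({image})".format(**item))
```

On a real node, pass the function the output of docker inspect for the node's containers instead of the sample.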

The list of configured profiles is displayed as a table on the Container runtime profiles tab under Policies → Runtime policies. For each container runtime profile, the following information is provided:

In the Policies → Runtime → Container runtime profiles section, you can:

In this section

Creating a runtime profile

Configuration of fast processes synchronous blocking

Examples of configured runtime profiles

Cilium CNI rules and exceptions when creating a container runtime profile

Changing runtime profile settings

Deleting a runtime profile

Network reputation
