Prevent unauthorized/malicious software and more
- Any new software behaviors introduced into a workload will be detected (and remediated) by Guardian, including those from known (unpatched) vulnerabilities or unknown exploits such as zero days or supply chain attacks.
- Guardian goes beyond new software installs, to cover any changes in workload behavior including permission changes/privilege escalations, unauthorized user access and more.
Detect and act
- To be a sufficient compensating control, these controls must be able to both detect and act on unauthorized or malicious behaviors. Spyderbat can take action in the data plane (e.g. kill process) or control plane (e.g. kill pod) in response to runtime behavior deviations, and in conjunction with container orchestrators (K8s et al), to restore service quickly and safely.
READY TO LEARN MORE?
Security and Compliance
See how Spyderbat Guardian allows you to protect known-good conditions, to ensure your apps are both compliant, and secure against attacks and drift