Cloud Native Compliance
Cloud Native applications have brought both challenges and opportunities for how we tackle compliance in the cloud. Traditional AntiVirus (AV) and EDR approaches were built for securing laptops and desktops, but don’t apply to modern ephemeral Linux based containers and cloud applications.
Containers and microservices also represent new opportunities for compliance - each microservice typically has a finite job to do, and a specific set of dependencies or network activity to other microservices.
If this “normal” or “known good” behavior can be observed and encoded, it enables us to understand when microservices are not operating normally, and completely “lock down” a given application at runtime, representing a powerful runtime compensating control for many compliance frameworks (SOC2 and others).
Spyderbat builds a complete Behavioral Web of runtime activity, and leveraging Guardian, workload behaviors can be automatically observed and encoded into runtime policies or Guardrails that provide a runtime compensating control for compliance requirements such as SOC2 cc6.8 and many others.
Prevent unauthorized/malicious software and more
- Any new software behaviors introduced into a workload will be detected (and remediated) by Guardian, including those from known (unpatched) vulnerabilities or unknown exploits such as zero days or supply chain attacks.
- Guardian goes beyond new software installs, to cover any changes in workload behavior including permission changes/privilege escalations, unauthorized user access and more.
Detect and act
- To be a sufficient compensating control, these controls must be able to both detect and act on unauthorized or malicious behaviors. Spyderbat can take action in the data plane (e.g. kill process) or control plane (e.g. kill pod) in response to runtime behavior deviations, and in conjunction with container orchestrators (K8s et al), to restore service quickly and safely.
Container and host
- Through Spyderbat’s featherweight resource impact use of eBPF technology, it provides you with detection and response over both containers and the underlying nodes that host them - giving you complete coverage against modern cloud native attacks like container escapes and more.
READY TO LEARN MORE?
Security and Compliance
See how Spyderbat Guardian allows you to protect known-good conditions, to ensure your apps are both compliant, and secure against attacks and drift