Cloud Native Compliance

Cloud Native applications have brought both challenges and opportunities for how we tackle compliance in the cloud.  Traditional AntiVirus (AV) and EDR approaches were built for securing laptops and desktops, but don’t apply to modern ephemeral Linux based containers and cloud applications.

Book Demo

Containers and microservices also represent new opportunities for compliance - each microservice typically has a finite job to do, and a specific set of dependencies or network activity to other microservices.

If this “normal” or “known good” behavior can be observed and encoded, it enables us to understand when microservices are not operating normally, and completely “lock down” a given application at runtime, representing a powerful runtime compensating control for many compliance frameworks (SOC2 and others).

Spyderbat builds a complete Behavioral Web of runtime activity, and leveraging Guardian, workload behaviors can be automatically observed and encoded into runtime policies or Guardrails that provide a runtime compensating control for compliance requirements such as SOC2 cc6.8 and many others.

Computer screen displaying log traces with details such as start time, duration, status, summary, score, root process name, trigger short name, and flags, with a total of 39 traces.

Prevent Unauthorized/Malicious Software +

Any new software behaviors introduced into a workload will be detected (and remediated) by Guardian, including those from known (unpatched) vulnerabilities or unknown exploits such as zero days or supply chain attacks.

Guardian goes beyond new software installs, to cover any changes in workload behavior including permission changes/privilege escalations, unauthorized user access and more.

Screenshot of a cloud management dashboard showing three misconfiguration notifications with dates, severity levels, descriptions, root systems, and types.

Detect and Act

To be a sufficient compensating control, these controls must be able to both detect and act on unauthorized or malicious behaviors.

Spyderbat can take action in the data plane (e.g. kill process) or control plane (e.g. kill pod) in response to runtime behavior deviations, and in conjunction with container orchestrators (K8s et al), to restore service quickly and safely.

A network visualization graph showing connections between different clusters, namespaces, services, pods, and containers in a computer system or application environment, with a search interface at the top and timeline controls.

Container and Host

Through Spyderbat’s featherweight resource impact use of eBPF technology, it provides you with detection and response over both containers and the underlying nodes that host them

Giving you complete coverage against modern cloud native attacks like container escapes and more.

CONTACT US

Please contact us by clicking the button, a member of our team will be in touch shortly.

Contact