How difficult is cloud-native container security detection? Six "Thai Cool" moves in the new version of Security Dog's cloud-native security product

Want to speed up business system development by deploying and using container applications at scale? Then you will quickly find that a large number of data objects and a wide range of security risks need to be detected, and that container security detection has become more difficult!

Security Dog found that the security requirements of many enterprise users no longer stop at the level of "just use it", so the new version of Yunjia arrives with "six major tricks" and a unified, convenient management model. It directly replaces traditional decentralized detection and risk management, which is simply "cool and spicy".

 

Unified Asset Management

Unified asset management covers refined static and dynamic asset collection and security testing, supporting software asset and asset security management needs of "clear data, complete information, clear status, and fast response".

 

  • Comprehensive static asset collection: collects key image assets, container assets, node assets, and cluster assets;

  • Fine-grained collection of dynamic behaviors: collects dynamic asset behaviors, including permission changes, account behaviors, and command operations;

  • Full asset profiles: supports building a profile of each kind of asset. Rather than stopping at basic query statistics, it provides advanced analysis functions based on the asset profile data, such as one-click asset search.

 

Unified Policy Management

Unified policy management is built on two approaches: "same source of data, strategy diversion" and "business-oriented, configurable".

 

  • Runtime policy: built-in runtime templates, with support for customization. Batch policies, automation policies, and policy associations can be set so that protection is in place as soon as a container goes online;

  • Image protection policy: customize the image protection template, selecting the protection conditions, protection scope, protection whitelist, and protection time for images with different risks;

  • Network policy: customize network policies, with support for pre-delivery;

  • Asset scoring policy: multiple built-in asset scoring rules correlate asset health status in real time;

  • Policy management: through unified management and delivery across containers, services, images, and other objects, policy effectiveness and policy change records can be monitored and analyzed efficiently.

 

Unified scan task management

Yunjia scans quickly and improves efficiency. Within a scan task, users can also monitor the scanning process of each basic request and precisely control the content to be scanned.

 

  • Centralized management of the platform's image and container scanning tasks, with support for scheduled scanning, real-time scanning, and an automatic scanning mode;

  • Each scan record and its results can be viewed, and scan reports can be sent.

 

Integrated alarm and disposal center

Yunjia provides a more comprehensive, convenient, and efficient integrated alarm and disposal center, which addresses the problems of viewing and screening massive volumes of alarm information, long response chains, and slow responses.

 

  • Centralized management of alarm events: massive numbers of alarm events are displayed centrally, with support for viewing by category, specified filtering, global search, and locating the alarms that need attention or manual processing, to improve processing efficiency;

  • Security event standardization: provides multiple views and combines them with ATT&CK to locate advanced threats and reach accurate judgments;

  • Rich alarm content: supports more than a dozen alarm fields and lets users customize the fields that need attention, making alarm information more comprehensive, easier to analyze, and more precise in locating problems. Process-based correlation analysis and disposal suggestions form an efficient closed loop for event handling;

  • Alarm noise reduction: provides multiple methods, such as correlating and aggregating identical events, automatic deduplication, ignoring, and whitelisting, to reduce large numbers of temporarily irrelevant and repeated alarms;

  • Supports investigation, judgment, correlation, and automatic processing of vulnerability risks, security incidents, and risky assets, with real-time threat protection;

  • Disposed assets are managed centrally and can be marked in further depth to focus on problematic assets, connecting seamlessly with the alarm module to resolve risks.

 

Centralized management of rules

In addition to more refined management, rules can also be classified. There are built-in rule templates and rule replication, and rules of every kind can be configured in one place and called in multiple places. The result is a clean and convenient new decision-making experience!

 

 

Log center

Yunjia Log Center efficiently collects log content and analyzes the system, and provides log query and massive log storage.

 

  • Cluster logs provide log content analysis and auditing, with audit results displayed visually;

  • Traffic logs provide information such as full inbound and outbound traffic, statistical counts, and connection status.

As the second half of cloud computing, cloud-native technology will play an increasingly important role in the future production and development of enterprises. Only when the cloud-native security platform is continuously optimized and its technology continuously improved can a more comprehensive and adaptable security system be established for users. The new version of Yunjia takes security operation, threat detection, and risk control as its core concepts, and adds assets and traffic to the analysis process of the entire system. Through the six measures of "three unifications and three centers", container security becomes perceivable and easy to operate, and security events can be quickly driven to a closed loop to solve the security problems of industry users.

Origin blog.csdn.net/weixin_49128886/article/details/131229396