Containers are vulnerable against all kinds of attacks but Phoenix for Kubernetes helps mitigate route control attacks coming from Layer 3 and Layer 4.
Moving Target Defense on Kubernetes
Containers are not inherently secure: they have some built-in security features, additional tools are still a prerequisite to ensure protection throughout development, pre-production and runtime environments.
Container security software and tools automate vulnerability searches and notify developers and IT teams of potential threats in container environments.
With Phoenix for Kibernetes we take a step further ahead: our solution enables Moving Target Defense on any Kubernetes deployments, making all hacker efforts literally useless.
You may ask how? But the reponse is quite simple - by making the whole cluster an ever changing, ever evolving environment. By applying an array of MTD technologies we guarantee that the system is never the same.
In the basic version our solution kills and relabels pods on certain time bases: at fixed times, random times, etc.
Phoenix for Kubernetes' triggering mechanism provided by Falco, however, basically any kind of triggers can be applied.
Check out the sidecar we built which is already part of Falco:
R6-Security-Phoenix/falco-phoenix-sidecar
R6-Security-Phoenix/evolution
The more advanced version contains automatic reconfiguration, obfuscation and other complex MTD techniques.
So, what exactly is it?
It is an application-specific controller that extends the functionality of the Kubernetes API and can create, kill, configure and manage instances of complex applications.
And it does not disrupt the entire network?
No, it doesn't. Phoenix for Kubernetes creates internal traffic load balancing rules that make sure the pod movements will not affect the service level.
And as a bonus - we have built it for Red Hat Enterprise Linux as well.
Just get in touch with us to find out more.