Skip to main content

Integrate Lacework with Kubernetes

Lacework provides visibility and threat detection for a range of Kubernetes platforms, including:

  • Managed Kubernetes: Amazon EKS, Google Kubernetes Engine (GKE), and Azure Kubernetes Service (AKS)
  • Serverless Kubernetes: AWS Fargate and AWS ECS
  • On-premises and unmanaged Kubernetes: OpenShift and Rancher

Lacework helps secure your Kubernetes deployments, from build time to runtime through vulnerability management for container images, through Lacework Kubernetes components. You can install and use components independently. Each component brings an additional and complementary layer of visibility and detection.

Lacework Kubernetes components include:

  • Vulnerability management for container images - You can scan container images and container registries for known vulnerabilities in OS packages and libraries and create policies for immutable and reproducible container images. See Container Vulnerability Assessment for more information.
  • Admission controller for Kubernetes - The admission controller inspects container images as they are deployed to Kubernetes. Create policies to alert or block new deployment and control the execution into containers. See Integrate with Kubernetes Admission Controller for more information.
  • Kubernetes audit logs - Audit logs let you monitor all user and workload activities. Detect activities including manual access to pods, new workload creations, new Kubernetes roles, forbidden activities, and authentication issues. See Kubernetes Audit Logs Overview for more information.
  • Kubernetes Compliance - Integrate your Kubernetes cluster with Lacework's compliance platform to monitor configuration compliance of your cluster resources. Enable or disable policies to match your compliance needs, and view reports detailing non-compliant resources and recommendations. See Kubernetes Compliance Integrations for more information.
  • Kubernetes workload runtime security - The Lacework enterprise agent monitors all containers and their activities (e.g., processes and network activities) as well as Kubernetes nodes. Detect activities such as malicious activities, container escape, data exfiltration, and lateral movement. See Install Linux Agent on Kubernetes or Install Windows Agent on AKS and EKS Clusters for more information.
  • Polygraphs for Kubernetes - Lacework polygraphs for containers and nodes allow you to visualize Kubernetes clusters' network activities, process activities, user activities, and topology. See Kubernetes Dossier for more information.