The Carbon Black Container solution can provide the visibility and control that DevOps and security teams need to make sure that their Kubernetes clusters and the applications deployed on them are secure. This topic provides a condensed view of Carbon Black Container benefits.

Carbon Black Container Essentials and Carbon Black Container Advanced

Carbon Black offers two Carbon Black Container packages that are described in the following table.

Carbon Black Container Essentials Carbon Black Container Advanced
Security posture dashboard Container Essentials +
Compliance policy automation Threat detection
Prioritized risk assessment Anomaly detection
Governance control and enforcement Egress security
Image scanning and vulnerability management SIEM integration
Shift-left security with CI/CD hardening
Topology map
Auto Enforce

At a Glance

Carbon Black Container delivers policy-based reporting and enforcement of your organization’s security posture across all workloads deployed in Kubernetes clusters.

With Carbon Black Container, you can:

  • Secure the complete lifecycle of Kubernetes applications.
  • Detect and fix vulnerabilities and misconfigurations before deployment.
  • Meet compliance standards.
  • Achieve simple, secure multi-cloud and hybrid cloud Kubernetes at scale.

Use Cases

  • Kubernetes Security Posture Management (KSPM)
  • Container image scanning
  • Container image hardening
  • Increased visibility into Kubernetes environments
  • Ensured security compliance, governance, and enforcement
  • Build behavior models for applications to identify and alert on anomalies
  • Secure containers and Kubernetes applications
  • Increase visibility into Kubernetes environments

Key Benefits for DevOps Teams

  • Fast and easy deployment
  • Seamless integration into the CI/CD pipeline and existing processes
  • Address vulnerabilities and misconfigurations at build
  • Enable speed of delivery without compromising security
  • Gain visibility into application connectivity and configuration with in-cluster network visibility map
  • Risk-prioritized vulnerability assessment of container images at runtime
  • Understand misconfiguration of secret management in Kubernetes

Key Benefits for Security Teams

  • Gain complete visibility into the Kubernetes security posture
  • Enable prioritized vulnerability reporting
  • Define and customize security policies
  • Enable developers to address vulnerabilities and misconfigurations at build
  • Enable speed of delivery without compromising security
  • Connect image vulnerabilities to specific running workloads
  • Secure egress connections to private and public destinations
  • Identify malicious egress connections by using IP reputation
  • Use machine learning and AI to build network behavior model for workloads
  • Identify malicious network activity
  • Consolidate events and alerts to a single dashboard
  • Gain visibility into Kubernetes clusters, networking flow, and application architecture