The Containerized Sensor is an agent that includes both Carbon Black EDR and Image Scanning capabilities. It is used for non-Kubernetes container environments.
The sensor runs as a container, and provides container context to the regular Carbon Black EDR capabilities. This context is known as Cloud Native Detection and Response (CNDR). The sensor scans the containers on the node for vulnerabilities, malware, and secrets.
Required Dependencies
Before you install the Containerized Sensor, make sure that the following requirements are satisfied:
- The sensor is installed as a privileged container on the host network. The installing user must have permissions that allow the sensor to be installed as a privileged container on the host network, as well as the permissions to mount root folders and unix sockets to the container.
- Carbon Black Container
- Carbon Black EDR
- 2GB of memory.
- An API key that has these settings:
Setting Description Access Level type
Set to Custom and select KUBERNETES_SECURITY_DATAPLANE. Access Token
Record the provided API ID
andAPI Secret Key
in the format ofAPI Secret Key
/API ID
, and use it as the access token.