The Containerized Sensor is an agent that includes both Carbon Black EDR and Image Scanning capabilities. It is used for non-Kubernetes container environments.
The sensor runs as a container, and provides container context to the regular Carbon Black EDR capabilities. This context is known as Cloud Native Detection and Response (CNDR). The sensor scans the containers on the node for vulnerabilities, malware, and secrets.
Required Dependencies
Before you install the Containerized Sensor, make sure that the following requirements are satisfied:
- The sensor is installed as a privileged container on the host network. The installing user must have permissions that allow the sensor to be installed as a privileged container on the host network, as well as the permissions to mount root folders and unix sockets to the container.
- Carbon Black Container
- Carbon Black EDR
- 2GB of memory.
- An API key that has these settings:
See Create and Manage an API key for more information.
Setting Description Access Level typeSet to Custom and select KUBERNETES_SECURITY_DATAPLANE. Access TokenRecord the provided API IDandAPI Secret Keyin the format ofAPI Secret Key/API ID, and use it as the access token.
