NeuVector scans for vulnerabilities during the entire CI/CD pipeline, from Build to Ship to Run. Use the Jenkins plug-in to scan during build, monitor images in registries and run automated tests for security compliance. Prevent deployment of vulnerable images with admission control, but also monitor production containers. Blazing fast, highly scalable image vulnerability analysis scans thousands or hundreds of thousands of images.
NeuVector discovers normal connections and application container behavior and automatically builds a security policy to protect container based services. Using process and file system monitoring with Layer 7 network inspection, unauthorized container activity or connections from containers can be blocked without disrupting normal container sessions.
With Layer 7 network inspection, application level attacks such as DDoS and DNS on containers are detected and prevented. Real-time detection and alerting adds a layer of network security to the dynamic container environment.
The NeuVector components are containers which deploy easily onto virtual machines or bare metal OS environments. The Enforcer container is deployed on each node to protect containers running on it. A Controller container manages the cluster of Enforcers. NeuVector can be managed through the Console, REST API, or CLI.
NeuVector simplifies deployment and management with the most extensive integration with orchestration and other enterprise tools. Enforce RBACs for NeuVector access with Kubernetes namespaces or automatically integrate with Red Hat OpenShift RBACs. Use existing SIEM and monitoring tools with NeuVector.