Aporeto provides granular control over vulnerabilities and threat activities by conducting static and runtime analysis of container images and their interactions with the broader system to enable remediation through real-time policy response. Aporeto also monitors runtime behavior by analyzing workload network communication patterns and lower-level system call activity against benchmarked and anticipated norms. Easy-to-write policies can provide protective action against CVEs levels or specific CVEs to quarantine containers, stop communications, and snapshot them for further analysis.
Container Threat Detection and Remediation
Aporeto provides real-time threat detection and container vulnerability management across the entire microservices technology stack by analyzing and correlating behavior from network, identity, vulnerability and application context.