Helios provides security visibility into Docker hosts and containers, monitoring their behavior and detecting threats, vulnerabilities, and anomalies. The Helios agent has native integration with the Docker engine allowing users to monitor images, volumes, network settings, and running containers. Helios continuously collects and analyzes detailed runtime information. For example, alerting for containers running in privileged mode, vulnerable applications, a shell running in a container, changes to persistent volumes or images, and other possible threats.
Provide real-time threat detection for your containerized environment to mitigate security risks. Helios allows you to monitor container telemetry to detect malware, illegitimate file modifications, and abnormal user behavior. It integrates with third-party threat intelligence platforms to provide contextual information about emerging threats.
Monitor the audit logs of orchestration platforms to detect security threats and anomalies. Helios has the capability to monitor, store, and index audit logs of container orchestration tools such as Kubernetes. You can also monitor events in the audit logs such as when resources like pods are created or deleted.
Monitor the health of your containers to detect potential failures. Helios collects and analyzes container performance metrics to give an overview of your containerized environment. By monitoring resource consumption and analyzing health patterns, Helios proactively identifies potential failure points, allowing you to take timely actions and maintain seamless container operations.
Get full visibility to protect your running container. Helios extends its container security capabilities to the runtime phase of deployment by performing continuous scans on workloads to detect abnormal behaviors. It detects unauthorized command execution, configuration changes, and triggers alerts about suspicious activity.
Track the metadata of your containers to maintain a secure environment. Helios shows comprehensive metadata of containers, and reports on activities such as network connections, deployment, transition status, and process executions. It also tracks the number of container resources and triggers alerts when images are created or deleted.
Reduce your total exposure time by continuously monitoring the configuration of your endpoints. Helios performs periodic SCA scans to swiftly detect misconfigurations, enabling early remediation for guaranteed system security. Endpoints send real-time data to the Helios server using authenticated and encrypted channels to keep track of your security posture.
