Zero Trust Runtime Security | SUSE Communities
Protect data in production
Traditional security practices focus on exceptions, blocklists, signatures, malware, and vulnerability scanning. These legacy approaches, while important to a layered security approach, focus efforts on being reactive which is becoming harder to scale. Zero-Trust is critical in moving to a proactive approach to security, where we can declare acceptable behavior and block anything anomalous to your desired state at the packet and application layers.
NeuVector discovers normal connections and application container behavior and automatically builds a security policy to protect container-based services. NeuVector correlates application, network, process, and file access layers to assure you have the multi-vector accuracy needed for zero-trust. NeuVector is a pioneer in this space, especially in the ability to see and act on application traffic (layer 7).
An example of Zero Trust would be, for each application, to review and customize, if necessary, the allowed behavior for network connections, process, and file activity, and then lock the application down so any other activity is untrusted.
