Open source vs Enterprise
KubeArmor (Opensource)¶
KubeArmor is a cloud-native runtime security enforcement system that restricts the behavior (such as process execution, file access, and networking operations) of pods, containers, and nodes (VMs) at the system level.
AccuKnox (Enterprise)¶
AccuKnox is one of the industry’s most comprehensive and integrated CNAPP solutions which brings together multiple disparate security modules to deliver comprehensive Zero Trust security for Networks, Applications (K8s, VM), and Data across Cloud.
| Features | Open Source | Enterprise |
|---|---|---|
| Observability into the workload at granular level |  |
|
| In-line remediation for Zero Day Attacks | |
|
| Manual apply of Security Policies using CLI | |
|
| Integration to SIEM for security events and Notification tool | |
|
| Network security using CNI | |
|
| Auto-Discovered Behavioural Policies |  |
|
| Recommendation of Hardening Policies based on standard compliance framework - MITRE, NIST, PCI-DSS, CIS | |
|
| Inventory View of Application | |
|
| Network Graph View of the Application | |
|
| Network Microsegmentation in the application | |
|
| Hardening of the Secrets Managers like Hashicorp Vault, CyberArk Conjur | |
|
| GitOps based Version Control for Policy Lifecycle Management | |
|
| Rollback of recently changed Policy governing App Behavior | |
|
| On-the-fly detection of change in App Behavior through Policies | |
|
| Multi-Tenant, Multi-Cluster, RBAC for user-management | |
|
| Comprehensive Dashboard across workloads running in Managed/Unmanaged Cluster, Containerized environment, VM or Baremetal | |
|
| Integration with Registries for Container Image Vuln Scan | |
|
| Telemetry aggregation (Process executed, File accessed, Network connections made) and Alerts events (Audit, Block) | |
|
