Forensic Analysis of Security Events Using AccuKnox

Home
Overview
Overview
Getting Started
Getting Started
- Onboarding Playbooks
  Onboarding Playbooks
- Cloud Accounts
  Cloud Accounts
  - Prerequisites
    Prerequisites
    
    AWS
    
    Azure
    
    GCP
  - Onboarding
    Onboarding
    
    AWS
    
    Azure
    
    GCP
    
    Offboard Clound Account
- Workloads
  Workloads
  - Kubernetes
    Kubernetes
    
    Runtime Security Prerequisites
    
    Runtime Security Onboarding
    
    Cluster Onboarding with Access Keys
    
    Cluster Miconfiguration Scan Onboarding
    
    CIS Benchmarking
    
    Cluster Offboarding
  - VM/Bare Metal
    VM/Bare Metal
    
    VM Onboard/Deboard with Docker
    
    VM Onboard/Deboard with SystemD
    
    SystemD Based Non-BTF Environments
    
    VM Onboarding with Access Keys
  - Generate CWPP Reports
  - Sample Workloads Protection
    Sample Workloads Protection
    
    WordPress-MySQL
    
    DVWA
    
    PHP-MySQL
- ASPM
  ASPM
- Container Registry
  Container Registry
- OnPrem
  OnPrem
  - On-prem Installation
  - Security on OpenShift
  - Health Monitoring
    Health Monitoring
    
    RINC
- Open Source
  Open Source
  - Open source vs Enterprise
  - Open Source Installation
- Signup/Login via SSO
- Create Tokens
- Create Labels
- Create Access Keys
- Reports
  Reports
  - Configure Custom Report
  - Summarized Custom Report
Integrations
Integrations
- CI/CD
  CI/CD
  - Overview
  - Azure DevOps
    Azure DevOps
    
    Overview
    
    SAST
    
    Container Image Scan
    
    Iac Scan
    
    DAST
    
    Secret Scan
    
    OpenGrep SAST
  - Google Cloud Build
    Google Cloud Build
    
    Overview
    
    SAST
    
    Container Image Scan
    
    IaC Scan
    
    DAST
  - Harness
    Harness
    
    Overview
    
    SAST
    
    Container Image Scan
    
    IaC Scan
    
    DAST
  - Jenkins
    Jenkins
    
    Overview
    
    SAST
    
    Container Scan
    
    IaC Scan
    
    DAST
    
    Secret Scan
    
    Pipeline Script
    Pipeline Script
    
    SAST
    
    DAST
  - AWS Code Pipeline
    AWS Code Pipeline
    
    Overview
    
    SAST
    
    Container Scan
    
    IaC Scan
    
    DAST
  - GitHub
    GitHub
    
    Overview
    
    Onboard Private Repos
    
    SAST
    
    SAST (Semgrep)
    
    SAST (Opengrep)
    
    Container Scan
    
    IaC Scan
    
    DAST
    
    Secret Scanning with Github Actions
  - Gitlab
    Gitlab
    
    Overview
    
    SAST
    
    SAST (Opengrep)
    
    Container Scan
    
    IaC Scan (AccuKnox)
    
    IaC Scan (GitLab Pipeline)
    
    DAST
    
    Secret Scan
    
    Scan Variables
    Scan Variables
    
    Container Scan Variables
    
    IaC Scan Variables
    
    DAST Scan Variables
    
    SAST Scan variables
  - Bitbucket
    Bitbucket
    
    Overview
    
    SAST
    
    Container Scan
    
    IaC Scan
    
    DAST
    
    Secret Scan
    
    OpenGrep SAST
    
    Scan Variables
    Scan Variables
    
    Container Scan Variables
    
    IaC Scan Variables
    
    DAST Scan Variables
    
    SAST Scan variables
  - CheckMarx
    CheckMarx
    
    Overview
    
    SAST
    
    SCA
    
    Iac Scan (KICS)
    
    Container Scan
- Registry Scan
- K8s Management
  K8s Management
  - Rafay
  - Mirantis Lens
    Mirantis Lens
    
    KubeArmor
    
    AccuKnox Agents
  - Nutanix
    Nutanix
    
    AccuKnox
    
    KubeArmor
  - Spectro Cloud
- Ticketing
  Ticketing
- SIEM Events
  SIEM Events
  - Telemetry (Sample)
    Telemetry (Sample)
    
    Logs
    
    Alerts
  - Splunk
  - AccuKnox SplunkApp
  - KubeArmor Splunk Integration
  - Azure Sentinel
  - Azure Sentinel Feeder Integration
  - Rsyslog
  - Rsyslog Feeder Integration
  - AWS Cloudwatch
- SSO
  SSO
  - Azure Entra
- Notification
  Notification
  - Slack
  - Email
- OAuth
- Email Backend
Use-Cases
Use-Cases
- CNAPP Dashboard Widgets
- Vulnerability Management (CNAPP)
  Vulnerability Management (CNAPP)
- Secrets Scan
  Secrets Scan
  - GitHub
  - Azure DevOps
  - Bitbucket
  - Jenkins
  - Gitlab
- AI/ML Security
  AI/ML Security
  - Jupyter Notebook
  - ModelArmor
    ModelArmor
    
    Overview
    
    Pickle Code Injection PoC
    
    Adversarial Attacks on Deep Learning Models
    
    Deploy PyTorch App with ModelArmor
- Cloud Security Posture Management (CSPM)
  Cloud Security Posture Management (CSPM)
  - Overview
  - Asset Inventory
  - Azure Security
    Azure Security
    
    Overview
    
    Network Security
    
    Compute Security
    
    Database Security
  - AWS Security
    AWS Security
    
    Overview
    
    IAM Security
    
    Network Security
    
    Compute Security
    
    Storage Security
  - GCP Security
    GCP Security
    
    Overview
    
    IAM Security
    
    Network Security
    
    Compute Security
  - GRC
    GRC
    
    Multi-cloud Compliance
    
    Cloud Misconfiguration and Drift Detection
- Cloud Workload Protection Platform (CWPP)
  Cloud Workload Protection Platform (CWPP)
  - CWPP Overview
  - Least Permissive Posture Assessment (CWPP)
    Least Permissive Posture Assessment (CWPP)
    
    Zero Trust Security
    
    Audit/Forensics
    
    Runtime Application Behavior Discovery
  - Securing Secrets Managers (CWPP)
    Securing Secrets Managers (CWPP)
    
    HashiCorp Vault Hardening
    
    CyberArk Conjur Hardening
  - Advanced Persistent Threat (CWPP)
    Advanced Persistent Threat (CWPP)
    
    Cryptojacking
    
    Hildegard
  - Container Image Scan
- DevSecOps (ASPM)
  DevSecOps (ASPM)
- Kubernetes Security Posture Management (KSPM)
  Kubernetes Security Posture Management (KSPM)
- VM Security
  VM Security
  - Introduction
  - Agentless Risk Assessment
    Agentless Risk Assessment
    
    Misconfiguration of Cloud Hosted VMs
    Misconfiguration of Cloud Hosted VMs
    
    Overview
    
    AWS Misconfigurations
    
    GCP Misconfigurations
    
    Azure Misconfigurations
    
    Host Security Scan
    
    Malware Scan
    
    Compliance Benchmarking & Risk Assessment
  - Agent-based Detection & Remediation
    Agent-based Detection & Remediation
    
    Audit & Log Management
    
    Workload Hardening
    Workload Hardening
    
    Blocking Execution of Package Managers
    
    File Integrity Monitoring
  - Advanced Threat Protection
    Advanced Threat Protection
    
    Preventing Cryptominers Attack
    
    Defending against Log4Shell
  - Reporting
    Reporting
    
    OnDemand and Scheduled
    
    Host Scan Report
- Access Keys
- IoT/Edge Security
- 5G Security
Support Matrix
Support Matrix
Resources
Resources
- CWPP Troubleshooting
- CSPM Troubleshooting
- User Manual
- Marketplace
  Marketplace
  - RedHat Marketplace Installation Guide
  - AWS Marketplace
    AWS Marketplace
    
    KubeArmor Installation Guide
    
    AWS Installation Guide
    
    KubeArmor EKS add-on
  - Oracle Marketplace Installation Guide
  - Azure Marketplace Installation Guide
- Customer Data Backup Guide
- Upgrading AccuKnox Agents
- Calculate Pricing
  Calculate Pricing
- Ticketing Procedures
- Technical Guide
- Release Notes
  Release Notes
  - AccuKnox
    AccuKnox
    
    v2.4 Release Notes
    
    v2.1-v2.2 Release Notes
    
    v2.0 Release Notes
    
    v1.7 Release Notes
    
    v1.6 Release Notes
    
    v1.5 Release Notes
  - KubeArmor
- Glossary
FAQs

Audit/Forensics

Process forensics

Process forensics

Get granular details of all the executed processes within the target workloads.

File forensics

File forensics

Get granular details of all the accessed files within the target workloads.

Network forensics

Network forensics

Get granular details of all the network accesses within the target workloads.

Syscall forensics

Syscall forensics

Get granular details of all the security sensitive system calls within the target workloads.

Sensitive Asset audit

Sensitive Asset audit

Audit any (read/write) accesses to sensitive assets.