Kubernetes is the leading container orchestration platform, easing large-scale management of containers. Deepfence provides deterministic application security for pods in production.
Deepfence is deployed as a DaemonSet and protects other pods by analyzing the network traffic and integrity of file systems, running processes, and also flags anomalies in resource access patterns in those pods. Deepfence works out of the box on managed Kubernetes solutions like Amazon EKS, Google GKE and OpenShift.
Istio as a sidecar proxy provides service identity, policy enforcement, ACLs and traffic manageability. Deepfence is deployed out-of-band and passively analyzes network traffic and system changes to protect against complex multi-vector, multi-stage attacks.