Through integration with the Response Management app, you can isolate, restore connection, and terminate containers throughout the Trend Vision One console using the context menu.
Depending on the type of container, direct response actions are available throughout
the Trend
Vision One console (for example, on the Workbench, Observed Attack Techniques, and
Search apps)
that you can then track using Response Management.
 |
ImportantBefore Kubernetes isolation is available, you must ensure that you have a network policy
deployed on your cluster. By default, Container Security continuous compliance creates a
Kubernetes network policy but you can manually create a Kubernetes network policy for
continuous compliance.
|
Supported response actions
|
Container type
|
Isolate/Resume Container
|
Terminate Container
|
||
|
Microsoft AKS
|
Supported
|
Supported
|
||
|
Google GKE
|
Supported
|
Supported
|
||
|
Amazon EKS (without Fargate)
|
Supported
|
Supported
|
||
|
Amazon EKS (with Fargate)
|
Not supported
|
Supported
|
||
|
Amazon ECS (with and without Fargate)
|
Not supported
|
Supported
|
||
|
Red Hat OpenShift
|
Supported
|
Supported
|
||
|
OKD
|
Supported
|
Supported
|
For more information on each task, refer to the following: