Help Center> Host Security Service (New)> FAQs> About HSS> What Is Container Security Service?
Updated on 2022-12-28 GMT+08:00

What Is Container Security Service?

Container Security Service (CGS) scans vulnerabilities and configuration information in images, helping enterprises detect container risks that cannot be found using conventional security software. CGS also provides functions such as container process whitelist, container file monitoring, container information collection, and container escape detection to reduce risks.

Deployment Architecture

Figure 1 shows the CGS deployment architecture and Table 1 describes its key components.
Figure 1 CGS deployment architecture
Table 1 Key CGS components



CGS Container

Runs on each container node (host) to scan all container images on the node for image vulnerabilities, implement security policies, and collect exceptions.

Management Master

Manages and maintains CGS Containers.

Security intelligence

Provides a security information knowledge base containing vulnerability and malicious program libraries, as well as big data AI training models.

Management console

Provides a console for users to use CGS.

About HSS FAQs