What Is Container Security?

Container security refers to the protection provided by the HSS container edition.

The HSS container edition offers asset management, image security scan, cluster protection, runtime intrusion detection, and more capabilities. It provides lifecycle protection for containers and helps companies eliminate the container environment risks that cannot be detected by traditional security software, and enhancing container runtime security.

Container protection throughout the life cycle, including development, building, deployment, and running.

• During development and building, HSS works with the automated image scan and build pipeline to effectively scan images during CI/CD; detect software vulnerabilities, files, system configurations, and sensitive data risks; and prevent insecure image development.
• During deployment, HSS provides deployment admission control to ensure the security of images deployed on the live network.
• During container running, HSS provides real-time monitoring and log management to detect and respond to abnormal activities in a timely manner. It also uses the intrusion detection system and automated response mechanism to cope with potential security threats. In addition, Huawei Cloud HSS provides the container firewall. You can customize network policies and isolation measures for containers to effectively prevent potential risks of east-west networks in clusters and ensure secure communication between containers.