Runtime Security Overview

UDS Core provides runtime security capabilities to monitor and protect applications during execution. Runtime security solutions detect threats and malicious behavior in real time across containerized workloads.

Currently, UDS Core includes NeuVector as the default runtime security solution in the runtime-security package layer. NeuVector provides container runtime protection, network security monitoring, vulnerability scanning, and compliance reporting.

Falco is now available as an optional runtime security Zarf component and is the recommended path forward. Falco is a CNCF-graduated project that provides cloud-native runtime security and real-time threat detection.

To deploy Falco, add it as an optional component in your UDS bundle:

kind: UDSBundle
metadata:
  name: my-uds-bundle
  description: UDS bundle with Falco runtime security
  version: x.x.x
packages:
  - name: core
    repository: oci://ghcr.io/defenseunicorns/packages/uds/core
    ref: x.x.x-upstream
    optionalComponents:
      - falco # Deploys Falco as an optional component