Runtime Security Overview
UDS Core provides runtime security capabilities to monitor and protect applications during execution. Runtime security solutions detect threats and malicious behavior in real time across containerized workloads.
NeuVector (Deprecated)
Currently, UDS Core includes NeuVector as the default runtime security solution in the runtime-security package layer. NeuVector provides container runtime protection, network security monitoring, vulnerability scanning, and compliance reporting.
Falco is now available as an optional runtime security Zarf component and is the recommended path forward. Falco is a CNCF graduated project that provides cloud-native runtime security and real-time threat detection.
Deploying Falco
To deploy Falco, add it as an optional component in your UDS bundle:
kind: UDSBundle
metadata:
  name: my-uds-bundle
  description: UDS bundle with Falco runtime security
  version: x.x.x

packages:
  - name: core
    repository: oci://ghcr.io/defenseunicorns/packages/uds/core
    ref: x.x.x-upstream
    optionalComponents:
      - falco # Deploys Falco as an optional component