
Threat Hunting in Kubernetes

Detect malicious threats and behavioural deviations with QRadar SIEM

With more and more production services being deployed into cloud environments, the threat landscape for exploiting applications has changed. Hackers persistently probe web applications for vulnerabilities, and look for entry points into cloud environments through remote code execution vulnerabilities.

If an application deployed in Kubernetes is susceptible to such a vulnerability, it can open the door to the compromise of adjacent services. Attackers use tactics that disguise their actions as legitimate activity, and sometimes exploit standard admin tools to do it.
With QRadar SIEM, we can profile container behaviour to detect when a container deviates from its intended behaviour. It can also detect container breakout (in order to get a shell in the host operating system), lateral movement to other containers, and credential dumping and persistence.

Come and see how IBM QRadar helps security teams accurately detect and prioritise threats across the enterprise, with intelligent insights that enable teams to respond quickly to reduce the impact of incidents.

When it comes to container security, QRadar is at the forefront of Threat Detection. 


IBM UK Lab Campus, Hursley,
Winchester, Hampshire,
SO21 2JN