4min

Security

Service Account Permissions

Our agent needs permission to get, watch and list all resources in the core and metrics API groups. See below for our service agent's permissions.

YAML
|



Daemonset Permissions

Our daemonset utilizes eBPF to instrument at the kernel level. This allows to capture application level data with out the installation of any application level packages. Unfortunately this added insight does come at a cost. Our daemonset requires the container to be ran as privileged. Fortunately in Linux 5.8 the capability "BPF" was added allowing us to capture these lower level insights without as permissive privileges.



SOC 2

ContainIQ’s SOC 2 readiness report can be accessed via SafeBase and found here.



Questions / Disclosures / Comments

security@containiq.com

More coming soon.....



Updated 28 Feb 2022
Did this page help?
Yes
No
Documentation powered by archbee