website logo
⌘K
ContainIQ Overview
Installing ContainIQ
Sending Fargate Logs to ContainIQ
Sending Logs from a Sidecar Container
Git Integration
Prometheus Integration
Requirements
Using ContainIQ
Security
Docs powered by archbee 
4min

Security

Service Account Permissions

Our agent needs permission to get, watch and list all resources in the core and metrics API groups. See below for our service agent's permissions.

YAML
|

Daemonset Permissions

Our daemonset utilizes eBPF to instrument at the kernel level. This allows to capture application level data with out the installation of any application level packages. Unfortunately this added insight does come at a cost. Our daemonset requires the container to be ran as privileged. Fortunately in Linux 5.8 the capability "BPF" was added allowing us to capture these lower level insights without as permissive privileges.

SOC 2

ContainIQ’s SOC 2 readiness report can be accessed via SafeBase and found here.

Questions / Disclosures / Comments

security@containiq.com

More coming soon.....

Updated 21 Jul 2022
Did this page help you?
Yes
No
Docs powered by archbee 
TABLE OF CONTENTS
Service Account Permissions
Daemonset Permissions
SOC 2
Questions / Disclosures / Comments